Friday, August 26, 2011

Leading Industry Analyst Firm Cites Prolexic in Recent Hype Cycle Report


Prolexic Technologies, the global leader in Distributed Denial of Service (DDoS) mitigation services, today announced that it has been mentioned as a sample vendor in a report entitled, “Hype Cycle for Infrastructure Protection, 2011” by respected industry analyst firm Gartner. In the August 10 report, Gartner predicts DDoS defense will achieve mainstream adoption in less than two years and lists it as “highly beneficial” on its Priority Matrix.

Prolexic Technologies, the global leader in Distributed Denial of Service (DDoS) mitigation services, today announced that it has been mentioned as a sample vendor in a report entitled, “Hype Cycle for Infrastructure Protection, 2011” by respected industry analyst firmGartner.
In the August 10 report, Gartner predicts DDoS defense will achieve mainstream adoption in less than two years and lists it as “highly beneficial” on its Priority Matrix.
A DDoS attack is an attempt to make a computer resource (i.e. web site, e-mail, voice, or a whole network) unavailable to its intended users. By overwhelming a web site and/or server with data and/or requests, the target system either responds so slowly as to be unusable or crashes completely. The data volumes required to do this are typically achieved by a network of remotely controlled Zombie or botnet [robot network] computers.

"Gartner client calls on DDoS have increased and DDoS services are nearing "must-have" status. Any Internet-enabled application that requires guaranteed levels of availability should employ DDoS protection to meet those requirements."

According to Gartner Vice President and Research Fellow, John Pescatore, Gartner client calls on DDoS have increased and DDoS services are nearing "must-have" status. In the report, he states, “DDoS mitigation services should be a standard part of business continuity/disaster recovery planning and be included in all Internet service procurements when the business depends on the availability of Internet connectivity. Any Internet-enabled application that requires guaranteed levels of availability should employ DDoS protection to meet those requirements.” The report also lists 10 sample DDoS mitigation providers, including Prolexic.
“Because DDoS is all we do, we have more expertise, more experience and more network resources dedicated to fighting these attacks than any other provider,” said Scott Hammack, chief executive officer at Prolexic. “That’s why large, complex attacks that can overwhelm other providers always end at Prolexic.”
Since 2003, Prolexic has been protecting Internet facing infrastructures against all known types of DDoS attacks at the network, transport and application layers with a distributed global network of scrubbing centers. By dedicating more bandwidth to attack traffic than any other provider – supplemented by proprietary tools, techniques, and experienced security experts – Prolexic has been able to handle the largest and most sophisticated DDoS attacks ever launched.
Prolexic’s singular focus on DDoS mitigation also avoids potential conflicts of interest between business groups for companies that offer multiple service lines. This can occur when a DNS provider also offers “add on” DDoS mitigation services, for example. If the same infrastructure that supports DNS services is overwhelmed by a DDoS attack, it is possible that DDoS customers will be sacrificed to protect DNS customers and the company’s core business. Pure play DDoS mitigation providers like Prolexic do not have this concern.
“Five of the ten largest global banks, e-Commerce providers, payment processors and others with mission critical Internet-facing infrastructures trust Prolexic to protect them from DDoS attacks and restore availability in minutes,” said Hammack. “That’s why Prolexic is the gold standard for DDoS monitoring and mitigation.”

Thursday, August 11, 2011

Prolexic Becomes First DDoS Mitigation Provider to Gain PCI DSS Certification - Speeds Service Provisioning to Mitigate Encrypted Layer 7 Attacks -

Prolexic Technologies, the global leader in Distributed Denial of Service (DDoS) mitigation services, today announced that it is the first DDoS mitigation provider to secure PCI DSS (Payment Card Industry Data Security Standard) level 2 certification.
PCI DSS is a worldwide program designed to help protect consumers from fraud by regulating payment card data security. The PCI DSS standard is the result of a collaborative effort by the major credit card brands (Visa, MasterCard, American Express, Discover and JCB) to build a set of requirements designed to ensure that all merchants that process, store or transmit credit card information maintain a secure online environment.
In the last few years, Prolexic has observed an increase in the number of encrypted attacks against web properties. Typically, these attacks use Secure Socket Layer (SSL) to start an application layer (Layer 7) attack. To monitor and mitigate these encrypted attacks effectively, Prolexic requires that a customer provide their data decrypting private keys.
“Achieving PCI DSS compliance makes it much easier for customers to deploy with us and leverage our unique capabilities to overcome encrypted attacks,” said Paul Sop, chief technology officer at Prolexic. “With this certification, customers know instantly that our key management and security procedures are in compliance with their PCI DSS policy without the time and expense of auditing Prolexic.”

Quote startWith this certification, customers know instantly that our key management and security procedures are in compliance with their PCI DSS policy without the time and expense of auditing Prolexic.Quote end

While PCI DSS certification is not required because Prolexic does not store or process any credit card data, certification makes it much easier for a compliant organization to onboard with Prolexic. Critically, certification speeds deployment of remediation for compliant organizations during encrypted Layer 7 DDoS attacks.
Brightline,, an external auditing company specializing in assurance and compliance services, found that Prolexic has taken sound measures to establish a solid set of security controls and procedures.
“Achieving compliance with this globally recognized data security standard is a significant milestone for Prolexic,” added Sop. “With more and more payment processing and e-Commerce companies coming under DDoS attack, this certification will further differentiate our capabilities and make Prolexic the logical choice for these types of organizations.”
About Prolexic
Prolexic is the world’s largest, most trusted Distributed Denial of Service (DDoS) mitigation provider. Able to absorb the largest and most complex attacks ever launched, Prolexic restores mission critical Internet facing infrastructures for global enterprises and government agencies within minutes. Five of the world’s ten largest banks and the leading companies in e-Commerce, payment processing, travel/hospitality, gaming and other at risk industries rely on Prolexic to protect their businesses. Founded in 2003 as the world’s first “in the cloud” DDoS mitigation platform, Prolexic is headquartered in Hollywood, Florida and has scrubbing centers located in the Americas, Europe and Asia. For more information, visit

IT security – a priority for African businesses

As Kenya prepares to host the IDC IT Security Roadshow, Kaspersky Lab is proud to be a part of such a thought leading event, as the company aims to stress the importance of proactive security measures that businesses operating in East Africa need to understand and implement today, for future success.
“91% of companies have experienced at least one IT security event from an external source in the last 12 months. This high statistic certainly proves just how crucial corporate IT security is now more than ever. The reality is that cybercriminal activity targeted at the corporate has, and will continue, to grow on a global scale, especially as newer, more innovative technologies evolve and become critical business competitive tools. And with the prediction that East Africa will be a significant contributor to Africa’s forecasted growth of 3.7%² in 2011 – the African continent will continue to boom economically where the business landscape will grow – making businesses operating in African countries an ideal target for cybercriminals,” says Sergey Novikov, Kaspersky Lab Head of EEMEA Research Centre.
In their recently released report, Worldwide Security Products and Services 2011 Top 10 predictions, the IDC drew some interesting conclusions that closely correspond to Kaspersky Lab’s strategy and vision in this regard. Of these, the IDC predicts that consumers and enterprises will continue to grow their spending on Endpoint Security at surprising rates – the reason being obvious – corporate IT security is a necessity! Customers and enterprises are looking  for  an  integrated  approach  that  offers  a  broad  range  of  protection from malicious cyber attacks, accidental  disclosure  of  sensitive  information  (consumer  and  corporate),  usage  by  unauthorised  users  (identity  fraud), and  applications (botnets).
“For many years now, Kaspersky Lab has taken an integrated approach to protection in our product offering and believe that IT Security should be top of mind for all businesses operating within the African continent. Apart from the traditional organisation of DDoS attacks, cybercriminals today have a main focus of targeting corporate servers for stealing corporate data and African businesses are not excluded,” says Novikov.
The IDC further predicts that small and medium enterprises (SMEs) globally will see more targeted attacks against data and resources. Small businesses will see increasing attacks on customer data.  Attempts to take full control of servers, PCs, and storage arrays for botnets, DDoS attacks, spam, phishing, hacktivism, and other uses are also expected to increase.
“With SMEs accounting for an estimated 60%³ of all employment in East Africa, and contributing up to 30% of gross national product, the SME sector in East Africa cannot afford to experience such attacks on their organisations, as the results could be detrimental likely having a ripple effect on the economy,” adds Novikov.
The conference will be taking place at the Hilton Hotel in Nairobi, where Novikov aims to provide insight into the above at the IDC IT Security Roadshow, to ensure that businesses operating within the African landscape are made aware of such threats that exist and take the necessary action required to avoid the impact of these attacks.
“The reality today is that proactive security is a requirement for all businesses, to ensure effective protection against such threats and attacks. Corporate servers are being attacked continuously and should such activity continue to take place, a business could stand to loss everything. Implementing the necessary corporate IT security measures now is the next major step for East African based businesses in effectively protecting enterprises – ensuring success and as such, continued positive growth of the African continent,” concludes Novikov.

HKEx - Hong Kong stock exchange Hacked

Trading in Hong Kong was disrupted on Wednesday by a hacking incident on the Hong Kong Exchange website. "Our current assessment that this is a result of a malicious attack by outside hacking," Charlies Li, chief executive of Hong Kong Exchanges & Clearing, told reporters.

The seven stocks in question were all due to release sensitive results to the website that could impact the price of their stocks.Although the Hong Kong stock exchange also operates an alternative backup site for posting the results, it chose to halt trading of the affected stocks for the afternoon session.Stocks affected included HSBC, Cathay Pacific, China Power International and the Hong Kong exchange itself.It is unclear at this point whether the attack actually compromised the site, or if it was merely a denial of service attack.

"It was the first time for a suspension due to such a kind of technical problem and one involving so many companies," Alfred Chan, chief dealer at Cheer Pearl Investment in Hong Kong. Hackers attacked the Zimbabwe stock exchange website on Friday, forcing a shutdown of the site and hampering traders monitoring performance on the 79-company bourse.

Wednesday, August 10, 2011

Hacker Group Anonymous Vows To Destroy Facebook On November 5

Hacktivist group Anonymous, which has been responsible for cyber-attacks on the Pentagon, News Corp, and others, has vowed to destroy Facebook on November 5th (which should ring a bell).
Citing privacy concerns and the difficulty involved in deleting a Facebook account, Anonymous hopes to "kill Facebook," the "medium of communication [we] all so dearly adore."
This isn't the first time Anonymous has spoken out against social networks.
After Google removed Anonymous' Gmail and Google+ accounts, Anonymous pledged to create its own social network, called AnonPlus.
The full text of the announcement, made on YouTube and reported by Village Voice, is below:
Operation Facebook

DATE: November 5, 2011.


Twitter :
Irc.Anonops.Li #OpFaceBook

Attention citizens of the world,

We wish to get your attention, hoping you heed the warnings as follows:
Your medium of communication you all so dearly adore will be destroyed. If you are a willing hacktivist or a guy who just wants to protect the freedom of information then join the cause and kill facebook for the sake of your own privacy.

Facebook has been selling information to government agencies and giving clandestine access to information security firms so that they can spy on people from all around the world. Some of these so-called whitehat infosec firms are working for authoritarian governments, such as those of Egypt and Syria. 

Everything you do on Facebook stays on Facebook regardless of your "privacy" settings, and deleting your account is impossible, even if you "delete" your account, all your personal info stays on Facebook and can be recovered at any time. Changing the privacy settings to make your Facebook account more "private" is also a delusion. Facebook knows more about you than your family. 

You cannot hide from the reality in which you, the people of the internet, live in. Facebook is the opposite of the Antisec cause. You are not safe from them nor from any government. One day you will look back on this and realise what we have done here is right, you will thank the rulers of the internet, we are not harming you but saving you.

The riots are underway. It is not a battle over the future of privacy and publicity. It is a battle for choice and informed consent. It's unfolding because people are being raped, tickled, molested, and confused into doing things where they don't understand the consequences. Facebook keeps saying that it gives users choices, but that is completely false. It gives users the illusion of and hides the details away from them "for their own good" while they then make millions off of you. When a service is "free," it really means they're making money off of you and your information.

Think for a while and prepare for a day that will go down in history. November 5 2011, #opfacebook . Engaged.

This is our world now. We exist without nationality, without religious bias. We have the right to not be surveilled, not be stalked, and not be used for profit. We have the right to not live as slaves.

We are anonymous
We are legion
We do not forgive
We do not forget
Expect us

Monday, August 8, 2011

Morocco: Militant Website Sustains DDoS Attack

The Moroccan militant website Mamfakinch! has come under a distributed denial-of-service (DDoS) attack on Sunday 31 July, 2011, which blocked the access to its main platform for several hours. The website is now back online.
What is Mamfakinch! and why has it been attacked?
In the wake of the Arab revolutions, a couple of Moroccan online activists launched a militant website on February 17, 2011. They called it Mamfakinch!, which in Moroccan Arabic means “We won't give up!”.

In the six months of its existence Mamfakinch! has attracted a record audience of over a million unique visitors across its two main outlets which comprise an online news portal and a blog. The site's goal, according to its members, is to provide a platform for free expression for opposition voices and pro-democracy activists.
Against the backdrop of the Arab revolutions, Mamfakinch! set about to aggregate, curate and disseminate citizen media material, emulating the work of similar outlets in the region, notably the celebrated Tunisian news portal
But as Mamfakinch! readers and supporters have grown in number, so too have its detractors. “The website has gained a lot of popularity in the Moroccan activist blogosphere but we had also attracted a lot of enemies. Attacks against the website have started very early on but they are becoming increasingly aggressive” says this site's co-manager who also explains that the platform is receiving regular threats and countless derogatory comments. [Please note: the Mamfakinch! representatives interviewed in this article wish to remain anonymous].
One video recently surfaced on the internet purporting to show an attack against Mamfakinch!. The site was quick to publish an article [Fr] in which it (very sarcastically) dismissed the alleged attack as “a miserable spoof”.
The Attack
This Sunday, while the website was securing the exclusive live coverage of the pro-democracy marches and demonstrations being held across the kingdom, access to its main portal was denied. The blockade lasted for several hours before the site again became accessible late in the evening.
According to the site administrators, Mamfakinch! came under a large-scale DDoS attack. “The attack seems to originate from thousands of dynamic IPs localted in Saudi Arabia (!)” says the website's webmaster. The site's server has, in the matter of a few hours, became overloaded with the amount of new automated IPs' requests.
“The site is now up and running and we have taken measures to insure that such attacks don't happen in the future… although no one can be absolutely sure” says this co-founder of the site who adds that his colleagues, “for obvious security reasons, prefer not to disclose details of the steps taken to secure access to the site.”
Like in Ben Ali's Tunisia
Before the revolution in Tunisia, Morocco was praised for the relative freedom enjoyed by its internet users. But the country is now seeing a surge in attacks against online dissidents, several of whom have had their Facebook or email accounts hacked into. Phishing techniques were probably used to harvest account passwords.
DDoS attacks, infiltration techniques and blockage of dissident domain names were common during the Ben Ali era in Tunisia. Those types of attacks are increasingly becoming commonplace in Morocco. The site of the irreverent magazine Demain Online has not yet recovered from an attack it suffered over a month ago. The website, believed to be related to the pro-democracy movement in Morocco, also came under attack several weeks ago. It has been offline ever since.
“The more they attacks us, the more we learn!”
Paradoxically, in the Arab world, the most experienced activists usually come from the most repressive environments. After a long confrontation with their governments, Tunisian and Egyptian activists have become experts in circumvention tools. This expertise is now being transferred to other countries in the region where militants are learning each day as they struggle against attempts to censor their voices online.
This statement from a member of Mamfakinch! sums up the situation quite well: “The more they attack us, the more we learn! Let them come!”

Anonymous unsheathes new, potent attack weapon

Better DDoS attacks ahead

Members of Anonymous are developing a new attack tool as an alternative to the LOIC (Low Orbit Ion Cannon) DDoS utility.
The move follows a spate of arrests thought to be connected to use of the LOIC, which by default does nothing to hide a user's identity.
The new tool, dubbed RefRef, due to be released in September, uses a different approach to knocking out websites. LOIC floods a targeted site with TCP or UDP packets, a relatively unsophisticated yet effective approach, especially when thousands of users use the tool to join voluntary botnets.
RefRef, by contrast, is based on a more sophisticated application-level approach designed to tie up or crash the servers behind targeted websites instead of simply flooding them with junk traffic, according to a blog post on the development by an Anonymous-affiliated blog.
"Anonymous is developing a new DDoS tool," the post explains. "So far, what they have is something that is platform neutral, leveraging JavaScript and vulnerabilities within SQL to create a devastating impact on the targeted website."
RefRef, which uses a "target site's own processing power against itself" is undergoing field trials, with tests against Pastebin, the blog post by AnonOps Communications reports.
Arrests in UK, Spain and Turkey connected to LOIC-powered attacks have already prompted some core members of Anonymous to move towards using a new server and dropping LOIC in favour of other attack tools, such as Slow Loris and Keep-Dead DoS. This now seems to be purely a stop-gap measure while RefRef undergoes development.
LOIC was originally developed for network stress-testing, but later released into the public domain where, years later, it became a weapon of choice for hacktivists, most notably in the Operation Payback attacks against financial service organisations that blocked accounts controlled by Wikileaks last December following the controversial release of US diplomatic cables.
The problem with LOIC is that unless attacks are anonymised by routing them through networks, such as Tor, then users will be flinging junk packets that are stamped with their IP address at the targeted systems. These IP addresses can then be traced back to suspects by police.
Whether or not RefRef does a better job at anonymisation, by default, remains unclear but early experiments suggest that Anonymous is brewing a more potent attack tool. "Supposedly, the tool will DoS a targeted website with ease," Dancho Danchev, an independent cyber-threats analyst told El Reg. ®

DIY Spy Drone Sniffs Wi-Fi, Intercepts Phone Calls

LAS VEGAS — What do you do when the target you’re spying on slips behind his home-security gates and beyond your reach?
Launch your personal, specially equipped WASP drone — short for Wireless Aerial Surveillance Platform — to fly overhead and sniff his Wi-Fi network, intercept his cellphone calls, or launch denial-of-service attacks with jamming signals.
These are just a few of the uses of the unmanned aerial vehicle that security researchers Mike Tassey and Richard Perkins demonstrated at the Black Hat security conference here Wednesday.
At a cost of about $6,000, the two converted a surplus FMQ-117B U.S. Army target drone into their personal remote-controlled spy plane, complete with Wi-Fi and hacking tools, such as an IMSI catcher and antenna to spoof a GSM cell tower and intercept calls. It also had a network-sniffing tool and a dictionary of 340 million words for brute-forcing network passwords.
The GSM hack was inspired by a talk given at last year’s DefCon hacker conference by Chris Paget, who showed how to create a cellphone base station that tricks nearby handsets into routing their outbound calls through it instead of through commercial cell towers.
That routing allows someone to intercept even encrypted calls in the clear. The device tricks phones into disabling encryption, and records call details and content before they’re routed to their intended receiver through voice-over-internet protocol or redirected to anywhere else the hacker wants to send them.

The drone takes that concept and gives it flight. The plane weighs 14 pounds and is 6 feet long. Per FAA regulations, it can legally fly only under 400 feet and within line of sight. But the height is sufficient to quiet any noise the drone might produce, which the researchers said is minimal, and still allow the plane to circle overhead unobtrusively.
It can be programmed with GPS coordinates and Google maps to fly a predetermined course, but requires remote control help to take off and land.
The two security researchers created the spy plane as a proof of concept to show what criminals, terrorists and others might also soon be using for their nefarious activities.
Tassey, a security consultant to Wall Street and the U.S. intelligence community, told the conference crowd that if the two of them could think up and build a personal spy drone, others were likely already thinking about it, too.
The spy drones have multiple uses, both good and bad. Hackers could use them to fly above corporations to steal intellectual property and other data from a network, as well as launch denial-of-service or man-in-the-middle attacks. They could also transmit a cellphone jamming signal to frustrate an enemy’s communications.
“It’s hard to keep something that’s flying from getting over your facility,” Tassey said.
A drone could also be used to single out a target, using the target’s cellphone to identify him in a crowd, and then follow his movements. And it would be handy for drug smuggling, or for terrorists to trigger a dirty bomb.
But the drones don’t just have malicious uses. The researchers point out that they would be great for providing emergency cellular access to regions hit by a disaster.
The drones could also be outfitted with infrared cameras and shape-recognition technology to run search-and-rescue missions for lost hikers. The military could use them for electronic countermeasures to jam enemy signals or as communication relays flown over remote areas to allow soldiers on two sides of a mountain, for example, to communicate.
“You don’t need a PhD from MIT to do this,” Perkins said.

Hackers attack Zim stock exchange site


Harare - Computer hackers have attacked the Zimbabwe Stock Exchange website, prompting the authorities at the bourse to shut down the site, chief executive Emmanuel Munyukwi said on Friday.

"Our website has been targeted by hackers and the last incident was on Wednesday," Munyukwi told AFP.

"We have taken it offline. Our hosts have recommended to us that the site is no longer safe and they notified us about this yesterday."

"They have also recommended that we need a new website," he added.

Munyukwi said the attack affected traders monitoring performance on the bourse with 79 listed companies.

ZSE does not conduct trading on the internet.

Early this year hackers attacked the website of Zimbabwe's finance ministry.

Hacker group Anonymous takes over Syrian Ministry of Defense website

A screenshot of the Syrian Ministry of Defense website after it was hacked by the 4Chan hacker group Anonymous

The loose band of global hackers known as Anonymous has claimed another scalp in its ongoing fight against tyrants, corporate crooks and naysayers, taking over the Syrian government Ministry of Defense website and replacing it with message of support for the Syrian people.
News of the hack, just the latest in a string of high profile takedowns that include Rupert Murdoch's News of the Word newspaper, Paypal and others, spread like wildfire over Twitter Sunday night as social media users echoed support.
The hacking excursion comes jus tours after Syrian forces were accused of firing on civilians, killing an estimated 50 people in the rebel-controlled city of Deir al-Zour.
Replacing the traditional website at was an adapted Syrian flag, now featuring the Anonymous logo, with a message below in Arabic and English, saying the following:
"To the Syrian people: The world stands with you against the brutal regime of Bashar Al-Assad. Know that time and history are on your side - tyrants use violence because they have nothing else, and the more violent they are, the more fragile they become. We salute your determination to be non-violent in the face of the regime's brutality, and admire your willingness to pursue justice, not mere revenge. All tyrants will fall, and thanks to your bravery Bashar Al-Assad is next."
It continued, "To the Syrian military: You are responsible for protecting the Syrian people, and anyone who orders you to kill women, children, and the elderly deserves to be tried for treason. No outside enemy could do as much damage to Syria as Bashar Al-Assad has done. Defend your country - rise up against the regime! - Anonymous"
This is just the latest incident in a weekend of hacker activity; On Friday, Anonymous hackers broke into the websites and emails of 70 U.S. police networks, and Saturday saw hackers at the DefCon convention run a contest to see which company had the most lax computer security. Oracle had the misfortune of winning the competition.

Tuesday, August 2, 2011

77 Law Enforcement websites hit in mass attack by #Antisec Anonymous

Because of FBI’s actions against Anonymous and Lulzsec including several arrests, Now AntiSec supporters have targeted 77 law enforcement domains and walked away with everything on them. 77 domains were hosted on the same server. Few weeks before AntiSec targeted Arizona police departments, leaking personal information and other sensitive data, in response to immigration laws passed by the state. This time however, the latest law enforcement raid by AntiSec is in response to actions taken by the FBI.

77 US law enforcement institutions were attacked including :,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

In 77 law enforcement domains were attacked, resulting in the theft of 5-10GB worth of sensitive documents. Some of the data lifted in the AntiSec raids includes training files, and the personal information like names, addresses, phone numbers, Social Security Numbers, usernames, and passwords of more than 7,000 officers from dozens of police departments.
[The compromised data] also contained jail inmate databases and active warrant information, but we are redacting the name/address info to demonstrate how those facing the gun of the criminal injustice system are our comrades and not our adversaries. On the other hand, we will be making public name and contact information about informants who had the false impression that they would be able to ‘anonymously’ snitch in secrecy.

We demand prosecutors immediately drop all charges and investigations against all ‘Anonymous’ defendants,” Attacker said.

To law enforcement: your bogus trumped-up charges against the Anonymous PayPal
LOIC attacks will not stick, nor will your intimidation tactics stop us from exposing your corruption. While many of the recent ‘Anonymous’ arrestees are completely innocent, there is no such thing as an innocent cop, and we will act accordingly.”

To our hacker comrades: now is the time to unite and fight back against our common oppressors. Escalate attacks against government, corporate, law enforcement and military targets: destroy their systems and leak their private data.

Sheriff Montgomery’s , of Baxter County, Arkansas, website is among the 77 recently targeted by AntiSec.
As of Saturday evening, remains offline. A mirror of the site’s defacement by AntiSec is here. Additionally,, was offline as well. It too is listed as one of the 77 sites targeted by AntiSec.

Monday, August 1, 2011

Topiary 'known' to police says network giant

Frontline Lulzsec hacking member Topiary's identity and whereabouts were known to British police, chief technology officer of Prolexic Paul Sop has said.
While debate raged over whether British Police had arrested Topiary.
Scotland Yard released the name of a teenager, Jake Davis, it arrested in the Shetland Islands last week on suspicion of involvement with the LulzSec hacking group.
It has yet to emerge if the arrest man was the LulzSec identity Topiary, a concept contested by some online groups dedicated to uncovering the groups' participants.
Paul Sop, chief technology officer at Prolexic could not say if Topiary was in police hands, or talk specifically about the international police operation to locate and identify suspected online criminals within Anonymous and LulzSec because of non-disclosure agreements.
But he confirmed that police knew who and where Topiary was.
“Yes, I’ve read about the speculation. But you know I can’t say anything, right?” Sop said.
His company used its global IP network and technical specialists to defend businesses against Distributed Denial of Service (DDoS) attacks.
In doing so, it had harvested countless IP addresses and other data from DDoS attacks launched against customers and supplied them to law enforcement.
“With that many eyes watching the long and protracted attacks [by LulzSec and Anonymous] it’s not really possible to stay anonymous," Sop said.
"Police efforts are slow and protracted – they have to be because evidence must be transferred and it cannot be compromised".
Sop predicted the hacking groups' continued attacks against government intelligence and police agencies and scores of businesses would be “just more damning for them”.
Prolexic was not the only private sector company to assist the police investigations into Lulzsec and Anonymous.
A sworn affidavit by an FBI agent had revealed PayPal supplied the IP addresses of 1000 participants in DDoS attacks launched against its network in December.
Many of the DDoS participants had used the LOIC (Low Orbit Ion Cannon) software which made it easy for non-technical users to participate in coordinated attacks against nominated targets.
But in doing so, their IP addresses were recorded on the logs of victims, or with specialists like Prolexic.
A report  last year by researchers from the University of Twente in the Netherlands compared the use of LOIC for DDoS attacks to "overwhelming someone with letters, but putting your address at the back of the envelope".
The IP addresses were all there, in logs,” Sop said. “It’s rather daft – like throwing a brick through a window with your address taped to it," he said.
The philosophical ideology that united much of the Anonymous and Anti Security movement had helped investigators build profiles, Sop said.
Yet for all the attacks against Prolexic customers, Sop was warm to the movements’ broad ambitions to fight censorship and corruption.
“I don’t disagree with the messages, but the methods affect hundreds of thousands of innocent people. Look at the attacks on Sony – that affected thousands of people who just wanted to play PlayStation. When it was down, I couldn’t enjoy gaming with my son.”,topiary-known-to-police-says-network-giant.aspx

Massive DDoS attack mitigated

Prolexic Technologies, a company specializing in Distributed Denial of Service (DDoS) mitigation services, has announced that it successfully mitigated another major DDoS attack of unprecedented size in terms of packet-per-second volume. Prolexic cautions that global organizations should consider the attack an early warning of the escalating magnitude of similar DDoS threats that are likely to become more prevalent in the next six to eight months.
The attack was directed against an Asian company in a high-risk e-commerce industry. It generated larger than usual TCP SYN Floods and ICMP Floods, both of which are common DDoS attack methods. There was nothing common, however, about the magnitude of the attack.
According to Prolexic chief technology officer Paul Sop, the volume of the attack reached levels of approximately 25 million packets per second (pps), a rate that can overwhelm the routers and DDoS mitigation appliances of an internet service provider (ISP) or a major carrier. In contrast, most high-end border routers can forward 70,000 pps in typical deployments. In addition, Prolexic’s security experts found 176,000 remotely controlled PCs, or bots, in the attacker’s botnet (robot network). This represents a significant threat as typically only 5,000 to 10,000 bots have been employed in the five previous attacks mitigated by Prolexic.
“The customer attempted to mitigate these repeated DDoS attacks for many months with solutions from its ISP and its carrier before approaching Prolexic,” said Sop. “Defeating this attack is a testament to our unrivaled capacity and our unique position as the only global DDoS mitigation provider with the experience and bandwidth to successfully fight these gigantic attacks.”
To mitigate this high-magnitude attack without putting the burden on a single carrier, Prolexic distributed traffic among several of its global Tier 1 carrier partners and scrubbing network centers. Prolexic was able to help the client maintain service availability throughout the duration of the attack. While Prolexic was fighting this particular threat, it simultaneously helped another client who was experiencing a 7 Gbps DDoS attack.

Early warning and escalating threats
“Prolexic sees this massive attack in Asia with millions of packets per second as an early warning beacon of the increasing magnitude of DDoS attacks that may be on the horizon for Europe and North America in the next 6 to 8 months,” Sop said. “High risk clients, such as those extremely large companies in the gaming and gambling industries in Asia, are usually the first targets of these huge botnets just to see how successful they can be.”
Prolexic cautions that the next quantum leap in DDoS attacks will not necessarily center on bandwidth, but rather on increasing the volume of packets per second to such a high level that carriers cannot handle the overload. According to Sop, these extremely high packet-per-second DDoS attacks are especially insidious because they can cause collateral damage to carriers long before the “bad traffic” ever reaches its intended target.
Overwhelmed by the deluge of Internet traffic, carriers try to cope by passing around the excessive traffic like a “hot potato” from one to another. Ultimately, the carriers must “black hole” the IP address of the attack target and in doing so they unwittingly help the hacker to achieve the goal of creating a “zero route” which crashes the victim’s site. In addition, the continuous shifting of traffic from carrier to carrier can seriously affect the performance of multiple web sites, not just the intended target.
“Prolexic has invested millions to be ready for this type of DDoS attack and while we have only seen this botnet once in the Western Hemisphere to date, it is likely to follow a common pattern and become much more prevalent,” Sop said. “The good news is that Prolexic is already well ahead of the game and has proven that we can stop attacks of this magnitude.”