DDoS Diary

Q3 2017

DDoSDiary.com — sponsored by Nexusguard – provides chief information security officers (CISOs) and IT security teams with a quarterly list of noteworthy DDoS attacks targeted at organizations of all sizes and types.

DDoS-as-a-service platforms lure more cybercriminals into the DDoS business

More experienced hackers continue to rely on volumetric attacks

Brad Casey

Menlo Park, Calif. – Sep. 30, 2017

The largest known DDoS attacks have grown from 300 gigabits-per-second in 2013 to 500 gigabits in 2015, to a couple that topped 1 terabit-per-second last year.

High throughput DDoS attacks are dotted throughout our diary coverage in 2017. While we haven’t seen 1 terabit-per-second attacks in 2017, they may be on the horizon.

A report from Nexusguard indicates an increasing percentage of recent DDoS attacks employed blended, multi-vector approaches. The research states that hackers continued to rely on volumetric attacks to overwhelm system resources.

DDoS-for-hire workers and do-it-yourself DDoS kits have led to a continual rise in the number of attacks we are witnessing.

September

Sep. 27.  A drop off in previously lucrative businesses such as spam is forcing some cybercriminals into new revenue opportunities including DDoS attacks.

Sep. 18.  As attackers rapidly change their tactics and techniques, insurance companies are rapidly changing their types of coverage in an effort to avoid massive payouts to policyholders victimized by DDoS attacks.

Sep. 18.  A new technique being experimented with by the Asia Pacific Network Information Center (APNIC) will hopefully go a long way toward DDoS attack mitigation.  The new technique is known as the aggressive use of DNSSEC-Validated Cache.

Sep. 16.  According to some in the security industry, Twitter bots have become a nuisance as they are used to perform DDoS attacks against people with opinions that they disagree with.

Sep. 15.  The U.S. Treasury Department levied sanctions against 11 individuals with Iranian ties who are alleged to have taken part in DDoS attacks against U.S. banks.

Sep. 14.  Corero Network Security wins a U.S. government contract that requires the deployment of its flagship product, the SmartWall Threat Defense System.  The SmartWall is reported to be on the cutting edge of DDoS attack mitigation.

Sep. 14.  Global IT service provider, PhoenixNAP, reportedly increases its capacity to mitigate DDoS attacks via its four-phase approach.

Sep. 14.  F5 Labs leader, Sara Boddy, discusses the new emphasis on DDoS prevention as it relates to IoT devices, and she goes on to assert that IoT devices will one day serve as an infrastructure for the dark web.

Sep. 13.  One way to prevent becoming the victim of a DDoS attack via your VoIP infrastructure is to utilize a VPN in conjunction with said VoIP infrastructure.

Sep. 12.  According to Technavio, the rapid increase in worldwide DDoS attacks will result in the proliferation of the global application delivery network market.

Sep. 12.  Ecobank decides to go all in with Radware’s Hybrid Attack Mitigation Solution, and deploy the new system as a means of DDoS prevention.  The solution includes both on-premise and cloud-based infrastructure.

Sep. 12.  The public education system within the UK appears to be continually susceptible to DDoS attack even after last year’s attack that took down several education sites.

Sep. 9.  According to DDoS-Guard, the average size of DDoS attacks for the 2nd quarter of 2017 grew by 9.5 times. Furthermore, the most popular days to carry out such badness are Tuesdays, Thursdays, and Sundays.

Sep. 8.  According to Slate, the news site known as Breitbart alleged that they were the victim of a DDoS attack, but it was later revealed that the problem was due to a malfunctioning advertising mechanism.

Sep. 6.  According to the CEO of World Poker Network, Philip Nagy, his company was the victim of a DDoS attack perpetrated by one of his bitter rivals.

Sep. 6.  In what is being labeled a “companion to WireX”, F5 Labs discovers new malware that creates 50 simultaneous threads and sends out 10 million UDP packets.

Sep. 5.  A new political platform known as Verrit was reportedly hit with a DDoS attack.  Others claim that the site was simply not set up competently.

Sep. 5.  The servers of America’s Cardroom and its Winning Poker Network were victimized by a massive DDoS attack as attackers demand a ransom before they discontinue the attack.  All tournaments had to be cancelled as a result.

Sep. 4.  Several torrent sites go down as a crackdown on piracy occurs when several torrent sites begin to distribute the final episode of Game of Thrones.  TorrentFreak alleges that they were the victim of a DDoS.

Sep. 3.  Even though India is experiencing explosive economic growth, some within the security industry assert that a failure on India’s part to prevent massive cyber incidents, such as DDoS attacks, will hinder future economic growth.

Sep. 1.  After being arrested for a DDoS attack against British banks Lloyds Banking Group and Barclays, an Israeli-British man was extradited from Germany where he will face charges under the Computer Misuse Act.

Sep. 1.  Several Torrent sites suffer DDoS attack.  WorldWideTorrents has its domain name suspended and IsoHunt has simply disappeared.

Sep. 1.  The DDoS-for-Hire service known as TrueStresser was itself a victim of a hack when a disgruntled former customer stole information from its database, and leaked some sensitive information online.

August

Aug. 29.  According to Corero Network Security, large swaths of the UK’s critical infrastructure – including police and fire services – are vulnerable to DDoS attack.  Many of these vulnerabilities are reportedly due to the failure to implement some of the simplest security measures.

Aug. 28.  Attackers are now utilizing malicious applications from within Google Play and other third-party app stores to perform DDoS attacks.  There currently exists a botnet made up of approximately 100,000 Android devices.

Aug. 28.  The WireX botnet significantly impacts several content delivery networks as it utilizes several Android devices to carry out the attack.  The attack is reportedly carried out at the application layer, and consists primarily of HTTP GET requests.

Aug. 25.  One security researcher warns against DDoS by refrigerator.  Apparently, one should think twice before grabbing a beer.

Aug. 24.  The Los Angeles-based hosting company, DreamHost, was significantly impacted by a DDoS attack that targeted a portion of their DNS infrastructure.  The attack lasted approximately 4 hours before it was mitigated.

Aug. 24.  In a rather telling indictment of the clients that it protects, Fortinet releases a study stating that 90% of the systems that are attacked are victimized by 3-year-old exploits.

Aug. 23.  According to a study conducted by Akamai, DDoS attacks are on the rise again.  Of most significance was the rise of the PBoT attack – an attack vector that relies on relatively old PHP code.  

Aug. 22.  In a different interpretation of the Akamai study, Cyberscoop says that DDoS activity is down due to the lack of a massive DDoS attack over the summer.

Aug. 21.  According to researchers at Google, Cloudflare, and other big-name IT companies, the real target of last year’s Mirai botnet was none other than the PlayStation Network.

Aug. 17.  According to Incapsula, a new type of DDoS known as the pulse wave attack has been discovered.  This new type of attack reportedly occurs in short waves that allow for attacks to quickly ramp up to a massive scale.

Aug. 14.  According to Blizzard Entertainment, they were the victim of a DDoS attack that significantly affected the performance of many of its gaming platforms.

Aug. 9.  The postal service of the Ukraine suffers from a two-day long DDoS attack that primarily targets the service’s ability to track parcels.

Aug. 3.  According to one security company, DDoS as a means of extortion is on the rise.  This is a less surgical approach to gaining revenue for cyber threats.

July

Jul. 31.  The Federal Communications Commission refuses to divulge its countermeasures when discussing DDoS attack prevention.  The FCC says that to reveal their countermeasures would jeopardize their operational security.

Jul. 31.  A Seattle man was arrested for extortion for threatening a DDoS attack against a Dallas-based hosting company that hosted Leagle.com.  

Jul. 28.  An Iranian-born, U.S. male was arrested in Seattle for carrying out a string of DDoS attacks against the nation of Australia.  The arrest culminated a two-and-a-half year joint investigation conducted by Australian, Canadian, and U.S. law enforcement.

Jul. 28.  Netflix accidentally DDoS’s itself via its own API, but rather than panic, they use it as a real-world security test so as to prevent similar DDoS events in the future.

Jul. 26.  According to Corero Network Security, an escalation in financially motivated DDoS attacks could coincide with Brexit negotiations.

Jul. 26.  One hacker hacks a smart drawing pad connected to the network of an architectural firm, and utilizes the device as a part of an IoT botnet.

Jul. 24.  The hacker known as “BestBuy” confesses in German court that he implemented a massive DDoS attack against German telecom provider Deutsche Telekom.  The malware used was Mirai.

Jul. 14.  The game known as Final Fantasy XIV fell victim to a massive DDoS attack as the North American data center attempts to recover.  According to developers at Square Enix, they have been forced to move much of their infrastructure to upper-tier ISPs, which has caused a ripple effect on the rest of their infrastructure.

Jul. 13.  Nokia partners with Radware to provide DDoS attack mitigation service.  This new service allows Radware to implement Nokia’s Deepfield solution.

Jul. 8.  The Malaysian Communications and Multimedia Commission is investigating a DDoS attack that disrupted online trading.  The attack lasted for approximately 2 hours.

Jul. 7.  According to Corero Network Security, a new type of DDoS, dubbed the Trojan Horse DDoS, is being deployed more frequently as network attackers utilize smaller-scale DDoS attacks as a means of distracting network administrators while malware is injected into other areas of the targeted network.

Stay tuned for the Q4 2017 edition of the DDoS Diary.

Brad Casey is a freelancer writing about any and all things IT and cybersecurity related.


Q2 2017


DDoS rising: Cisco predicts a staggering 3.2 million attacks-per-year by 2021

News media and government websites, IoT devices are favorite targets

Brad Casey

Menlo Park, Calif. – Jul. 2, 2017

DDoS attacks continued targeting media sites and governments in the second quarter of 2017, on the heels of a report from Nexusguard which states that DDoS activity increased by 380% in the first quarter of 2017.

The New York Times was hit, and the Al Jazeera news service was brought down, both by DDoS attacks in the most recent period. Canada, Norway, and the U.K. are amongst the countries which reported DDoS attacks against government sites and IT infrastructures during Q2.

Increasingly high throughput attacks and DDoS-for-hire workers are two developing trends of concern to watch.

June

Jun. 28.  Ubisoft reports that a DDoS attack is affecting several of their gaming services.  Among the services impacted are Rainbow Six Siege, For Honor, Steep, Ghost Recon Wildlands, and Uplay PC.

Jun. 28.  The NY Times is currently experiencing a DDoS attack.  Other companies that are simultaneously experiencing DDoS attacks are Reddit and KickStarter.

Jun. 15.  The world’s largest Bitcoin exchange, Bitfinex, is hammered by a DDoS attack.  The attack occurred shortly after launching trading in IOTA tokens.

Jun. 14.  Some experts consider the possibility that the alleged DDoS attack against Bitfinex was nothing more than a result of the high demand for IOTA.

Jun. 14.  Corero Network Security proposes the possibility that many of today’s small and middle tier DDoS attacks are merely Trojan Horses used to disguise much more sinister network intrusion attempts.

Jun. 13.  Spirent releases an update to their CyberFlood product.  The new update includes some timely additions to their DDoS attack library.

Jun. 9.  Qatar-based news service Al Jazeera is brought down by a DDoS attack.  The attack focused on their DNS service.

Jun. 9.  According to the Cisco Visual Networking Index, DDoS attacks will most likely increase to 3.2 million attacks per year by the year 2021.

Jun. 6.  According to Nexusguard, DDoS activity increased by 380% in the 1st quarter of 2017.

Jun. 6.  Arbor Networks announces its new DDoS mitigation platform, Arbor APS v5.11.  This new platform uses a concept known as Cloud Signaling.

May

May 31.  Five Democrat senators call for an FBI investigation into the alleged DDoS attack against the Federal Communications Commission.  The attack targeted the FCC’s online comment section.

May 24.  According to a report issued by VeriSign, DDoS attacks in the 1st quarter of 2017 peaked at a massive 14.1 Gbps.  The most common type of attack was the UDP flood.

May 24.  According to the NTT Security 2017 Global Threat Intelligence Report, DDoS attacks involving IoT devices doubled in 2016.  Also, 60% of all IoT attacks originated from Asia.

May 23.  A Melbourne data center provider known as Micron21 is requesting that attackers DDoS them.  According to officials within the company, they are supremely confident that they can withstand any DDoS attack.

May 16.  According to security experts, perpetrators of today’s DDoS attacks are tripping over each other as they compete for resources.  

May 16.  According to Neustar, DDoS attacks on the worldwide healthcare industry increased by 13% in 2016.  Additionally, the U.S. experienced 14% more attacks than their international counterparts.

May 15.  The government of Saskatchewan, Canada reports that they are under cyber-attack.  However, the source of the attack is unknown.

May 15.  Much of Norway’s computer infrastructure was attacked, but according to the national security agency of Norway, they were able to gain control of the attack rather quickly.

May 15.  Some security experts claim that the latest Microsoft vulnerability that has resulted in numerous DDoS and ransomware attacks could be used to completely shut down unlicensed, online gambling sites.

May 13.  A major ransomware attack has gone international and hit dozens of countries extremely hard.  The new ransomware attack seems to exploit a vulnerability in Microsoft Windows.

May 13.  It seems that another Bitcoin exchange fell victim to a massive DDoS attack.  The new victim is known as Poloniex.

May 12.  UK’s National Health Service is hit by a massive DDoS attack.  It is suspected that several devices within the NHS network were infected with ransomware.

May 12.  Three Baltic states who belong to NATO had power grids that fell victim to a Russian DDoS attack.  The attack targeted the communication gateways between substations.

May 11.  The non-profit organization known as Fight for the Future has started a petition demanding that the FCC provide proof that they were victim to a DDoS attack.

May 11.  Cyber criminals are harvesting emails from the online Whois service, and sending emails that threaten the recipient with a DDoS attack if the recipient doesn’t pay the sender money.

May 10.  Several French news sites were knocked offline as a Portland-based hosting company, Cedexis, falls victim to a DDoS attack.  Among the sites that were knocked offline were Le Monde and LeFigaro.

May 10.  Bot-herding malware known as Persirai utilizes portions of Mirai, and can reportedly use up to 150,000 IP cameras for DDoS attacks.

May 9.  In an attempt at cyber extortion, attackers DDoS’d several online gambling sites in Hong Kong in April.  According to Arbor Networks, for a brief period of time, Hong Kong overtook the U.S. as the top destination for DDoS attacks.

May 9.  Some suspect that the DDoS attack against online gambling sites in Hong Kong was perpetrated by the Chinese government.

May 8.  Researchers at Corsa Technology implement a new GigaFilter capability in their Red Armor network security engine.  According to officials within the company, this will allow for the filtering of 4 billion IPv4 addresses while under attack.

May 8.  The FCC claims that it was the victim of a DDoS attack after FCC official, John Oliver, told viewers to visit a new domain that they had purchased, www.gofccyourself.com, and leave comments.

May 2.  A poll conducted by Neustar indicates that 84% of polled CIOs, CTOs, and CISOs report that their respective networks have fallen victim to at least 1 DDoS attack in the past 12 months.

May 1.  Symantec reports that 2016 saw record levels of DDoS attacks.  They predict much more emphasis on DDoS attacks against cloud providers.

April

Apr. 28.  According to Kaspersky, a vigilante style malware known as Hajime has been gaining steam recently.  It reportedly has control over 300,000 IoT devices that it can use for DDoS attacks.

Apr. 25.  A twenty-year-old man from the UK was jailed for creating the DDoS malware known as Titanium Stresser.  He developed the malware when he was 16, and it targeted mostly Xbox Live accounts.

Apr. 21.  Security researchers at IOActive discover 10 separate vulnerabilities in Linksys wireless routers that could result in a DDoS attack.  Among the vulnerabilities is a default credential vulnerability.

Apr. 21.  McAfee reports that approximately 2.5 million IoT devices have been infected with the DDoS malware known as Mirai.  Approximately 5 IoT associated IP addresses are added to Mirai botnets every minute.

Apr. 20.  According to Akamai Technologies, a DDoS attack method that utilizes CLDAP has been gaining popularity.  Apparently, this new method allows for more bandwidth consumption while infecting fewer hosts.

Apr. 13.  Melbourne IT falls victim to a DDoS attack against its DNS infrastructure.  Due to their DDoS mitigation strategies, they were able to come back online in approximately one-and-a-half hours.

Apr. 13.  According to a report issued by Kaspersky, Romania has become the country with the sixth most command and control nodes utilized for DDoS attacks.

Apr. 12.  A Brexit voter registration website fell victim to a DDoS attack, and many suspect Russia and/or China as the perpetrators.

Apr. 12.  Feeling the need to state the obvious, Akamai Technologies releases a report that recommends that network administrators not leave unnecessary ports open on their network devices.  This is because someone, or a group of people, is targeting port 389 and the Connection-less Lightweight Directory Access Protocol (CLDAP).

Apr. 7.  According to Arbor Networks, DDoS attacks have traditionally targeted the network layer of the TCP/IP stack.  Now, they’re seeing more attacks that target the application layer.

Apr. 5.  According to a report issued by Incapsula, an unnamed U.S. university was DDoS’d for approximately 54 hours, as the IoT infrastructure fell victim to Mirai.

Apr. 4.  Corsa unveils a new DDoS mitigation appliance.  The NSE7000 can apply up to 200,000 mitigation policies at any one time.

Apr. 3.  According to CSO Online, there’s big money to be made in selling one’s DDoS skills.  Apparently, the wage is rather competitive at an average of $25 per hour.

Stay tuned for the Q3 2017 edition of the DDoS Diary.



Q1 2017


DDoS-for-hire on the rise, U.S. ranks No. 1 in DDoS attacks

Record number of DDoS attacks launched, underground sites provide hackers with tools aimed at IoT devices

Brad Casey

Menlo Park, Calif. – Apr. 6, 2017

DDoS attacks plagued schools, governments, web hosts, media sites, and organizations globally in the first quarter of 2017.

Researchers at one vendor discovered 3,700 DDoS attacks per day. Another vendor reports the U.S. accounts for 24 percent of DDoS attacks globally.

Nexusguard shares that multi-vector attacks are the most complex type of DDoS attack, and they are on the rise. They use a combination of different DDoS attack tools and approaches which are merged together to halt the target. Cyber defenders should expect a proliferation of multi-vector attacks in the coming months.

Most disconcerting is the increased throughput of DDoS attacks, leading to greater downtime and damages on the victims.

March

Mar. 30.  ‘Mirai’ variant hits U.S. college with 54-hour long DDoS attack.  Utilizes HTTP traffic as it maintains traffic flow of 30,000 requests per second.

Mar. 28.  South Korean Ministry of Foreign Affairs hit by Chinese DDoS attack as China continues to express displeasure with U.S. missile defense system.

Mar. 27.  DDoS attacks against K-12 schools becoming an increasing problem as several school districts have been severely affected in the past year.  State of Utah adopts cloud solution that utilizes Unicast Reverse-Path Forwarding.

Mar. 26.  Nexusguard reports that DNS was the leading method utilized for DDoS attacks in Q4 2016.  17,872,563 DNS queries for the domain cpsc.gov were the leading cause of malicious traffic.

Mar. 24.  In the spirit of entrepreneurship, crime lords offer customers ‘loyalty points.’  Some DDoS-for-hire services cost as little as $7 per hour.

Mar. 24.  Hawaiian Telcom implements cloud-based DDoS protection by deploying Secure Internet Protection.  Deployment due to 125% rise in DDoS activity since last year.

Mar. 21.  Website of Daphne Caruana Galizia DDoS’d and taken offline.  Galizia, sometimes referred to as a ‘one woman WikiLeaks,’ suspects the perpetrator to be of Maltese origin.

Mar. 21.  Google delves into the election security realm as it partners with Jigsaw to guard against email phishing scams, such as the one suffered by John Podesta.  Creates new extension for Chrome called ‘Password Alert.’

Mar. 17.  Israel preparing for annual DDoS attack by Anonymous.  Annual attack takes place on April 7th.

Mar. 17.  Israeli law enforcement recommends indictment and prosecution of two 18-year-olds who started attack service known as vDOS.  vDOS allegedly caused $1.65 million in damage.

Mar. 15.  Dutch voting aid website Kieskompas, taken down by DDoS attack.  Turkish hacking group suspected.

Mar. 15.  Akamai reports that the Taiwan high tech industry was targeted by record numbers of DDoS attacks last month.  Most source IP addresses in Taiwan.




Mar. 15.  President Trump calls for private sector war against botnets.  Trump wants telecom providers to be more involved in DDoS mitigation.

Mar. 15.  Due to the high availability of IoT devices, DDoS-for-hire has become an increasing problem.  Security researchers indicate that it’s as easy as going to an underground site, and asking for the Mirai scanner code to locate vulnerable IoT devices.

Mar. 13.  ID Ransomware service hit by DDoS attack by author of Enjey ransomware.  Creator of Enjey apparently angry over the ID Ransomware’s ability to decrypt ransomware.

Mar. 10.  A10 Networks alleges that DDoS attacks from IoT devices reaching ‘critical mass.’  Researchers discover 3,700 DDoS attacks per day.

Mar. 10.  South Korean conglomerate, Lotte, hit by various DDoS attacks over the past few weeks by Chinese hackers.  China angry over Lotte’s agreement to provide one of its golf courses as a site for the THAAD missile defense system.

Mar. 10.  New Linux vulnerability found in IoT devices exploits CGI bug.  DDoS attacks could be carried out when Linux is run on AVTECH or CCTV devices.

Mar. 9.  DASH digital currency comes under massive DDoS attack as price rallies to $51 per coin.  Close to 500 masternodes taken offline.

Mar. 9.  Financial Conduct Authority reports DDoS attack against wealth management firms.  

Mar. 7.  Nexusguard unveils industry-first software-defined cloud DDoS mitigation platform.  Agile routing platform key to mitigating DDoS attacks.

Mar. 3.  Epoch Media Group’s New York Headquarters hit by DDoS attack originating from China after publishing a series regarding human rights violations in China.  

Mar. 1.  Malware behind Necurs botnet now capable of executing DDoS attacks.  Formerly, Necurs distributed Locky ransomware.  Has since diversified its portfolio.

February

Feb. 28.  Luxembourg’s national IT infrastructure taken down by massive DDoS attack.  Systems were affected for approximately 24 hours.  Motive behind the attack unknown.

Feb. 27.  In terms of sheer numbers, the U.S. ranks as the # 1 source of DDoS attacks.  According to Akamai, the U.S. accounted for 24 percent of the world’s DDoS attacks in the last quarter of 2016.

Feb. 22.  Bitcoin trading website, Bitfinex, hit by massive DDoS attack that adversely affected the website for about an hour before it was mitigated.  API was trending closer to an all-time high before DDoS occurred.

Feb. 10.  Verizon states that an unnamed university was the victim of a DDoS attack that originated from its own IoT devices.  Excessive amounts of DNS lookups resulted in severe network degradation.




Feb. 7.  Austrian Parliament website taken down for 20 minutes by DDoS attack.  Turkish hacking group suspected.  Type of malware not commented on.

Feb. 6.  Over 10,000 nodes knocked off the Dark Web as Anonymous hacker DDoS’s child porn site.

Feb. 3.  Hacking made great again as Trump Hotel’s website suffers DDoS attack as evidenced by Cloudflare protection notification upon accessing the site.

Feb. 3.  Playstation Network taken down by DDoS attack.  Hacking group known as LizardSquad takes credit for attack.

Feb. 3.  Users of Kodi may have unwittingly been party to a DDoS attack by utilizing Exodus add-on.  Creator of malicious code known as Lambda.

Feb. 3. After years of dormancy, SQL Slammer is experiencing a resurgence.  Check Point Software Technologies reports a major uptick in activity.

January

Jan. 31.  Sonic customers taken offline as telecom provider is hit by a DDoS attack.  Attack lasted about 3 hours before attack was mitigated.

Jan. 30.  Emsisoft hit by 80 Gbps DDoS attack.  Company claims site successfully withstood attack.  Merry Christmas ransomware suspected as the root cause.

Jan. 26.  Securities brokers in Hong Kong hit by DDoS attack.  Securities regulators stepping up efforts to mitigate.

Jan. 26.  Russian National Guard claims that their website was hit by major DDoS attack.  Mitigation underway.

Jan. 23.  Lloyds Banking Group hit by massive, two-day-long DDoS attack.  Attack only affected availability of service, while it is not suspected that any individual experienced financial loss.




Jan. 23.  Cyber security expert claims that Rutgers University student is the creator of ‘Mirai’ botnet.  Student earns extra credit by being the subject of an FBI investigation.

Jan. 19.  Founder of Protestor.io attempts to organize DDoS attack for Inauguration Day by calling for DDoS against whitehouse.gov.  

Jan. 18.  Brian Krebs alleges that the infamous ‘Mirai’ botnet may have started via fighting Minecraft servers.  Fight may have begun over individuals competing for business as they sold Minecraft server space.

Jan. 9.  Hosting website, 123-reg hit by another DDoS attack as customers unable to access email accounts.  Third major DDoS attack against company in 6 months.

Jan. 9.  National Union of Journalists of the Philippines website taken offline due to DoS attack.  Investigation underway.

Jan. 8.  Drudge Report victimized by largest DDoS attack since its inception.  No one can seem to figure out who did it.

Jan. 4.  Imperva claims to have mitigated a DDoS attack measured at 650 Gbps.  Claims the DDoS had nothing to do with ‘Mirai’, and will probably set the tone for future DDoS attacks to be much worse.  New malware known as Leet malware.

Stay tuned for the Q2 2017 edition of the DDoS Diary.
