This Week In Cybercrime: Shutting Down DDoS Attacks

Plus: Energy companies attacked, apps hacked, and retailers robbed


Willie Jones covers transportation for IEEE Spectrum, and the history of technology for The Institute.


-A Computerworld article reports that on 21 August, Internet security firm Prolexic revealed that it has found vulnerabilities in the tools hackers use to launch distributed denial of service (DDoS) attacks. In a written online statement, the company, which specializes in providing protection against DDoS attacks targeting corporate networks, said that flaws in the command and control component of the Dirt Jumper DDoS toolkit, which has been associated with recent DDoS attacks, make it possible for “counter-attackers to obtain access to the Command and Control database backend, and potentially server-side files.” That level of access, says Prolexic, would allow a network operator to halt an attack in real time.

-Thinking of downloading an “unofficial” app for your cellphone or tablet? News from security vendor Arxan, which makes tools for protecting apps from tampering, may give you pause. The company has released the details of a study reporting that more than 90 percent of the apps being sold at Apple’s App Store (and all of the top 100 apps originally found in Google’s Android app marketplace, Google Play) have been hacked by cybercriminals. The hacked versions, which are subsequently posted in various online outposts, contain modifications that, from the consumer’s standpoint, range from the seemingly benign (extrication of ads) to the nefarious (malware that could steal data or turn a device into a zombie used to attack other machines). An Arxan spokesman says that for an experienced hacker, reverse engineering an app is trivial. “Android Java apps can be easily and trivially decompiled back to source code. Native Android and iOS apps are relatively easy to reverse-engineer as well,” the Arxan study says.

-Saudi Aramco, Saudi Arabia’s national oil and gas company, reported on 15 August that some of its systems had been hacked. Saudi Aramco insisted that the attack had not affected any core business systems, nor its petroleum production operations. On 17 August, a team of hackers calling itself the Arab Youth Group claimed responsibility for the online attack. Security experts note that the corroborating details the group provided to prove that it was behind the disturbance suggest a link between the Aramco attack and a new bit of destructive malware called Shamoon that is being used to target energy companies. Though Aramco has admitted that the network disruption was caused by a computer virus, it has not revealed the extent of the damage or whether its computers have been disabled. Shamoon reportedly covers its tracks by overwriting files and a PC’s master boot record, making it impossible to boot up the machine. According to a Computerworld article, the Arab Youth Group said the attack was its way of lashing out against the Saudi government’s support of Israel and the United States.

-According to the British Retail Consortium, cybercrimes cost U.K. retailers £205.4 million over the past year. Though that sounds like a pittance compared with the overall revenues that businesses rake in, the survey reports that retailers lost 0.75 percent of the value of online sales to theft or fraud, more than twice the loss rate they suffer in their brick-and-mortar operations. Because e-commerce sales increased by 15 percent in 2011 and now account for 10 percent of total retail spending in the U.K., the BRC concludes that e-crime is the “biggest emerging threat” to retailers.
