
This Week In Cybercrime: Shutting Down DDoS Attacks

Plus: Energy companies attacked, apps hacked, and retailers robbed


-A Computerworld article reports that on 21 August, Internet security firm Prolexic revealed that it has found vulnerabilities in the tools hackers use to launch distributed denial of service (DDoS) attacks. In a written online statement, the company, which specializes in providing protection against DDoS attacks targeting corporate networks, said that flaws in the command and control component of the Dirt Jumper DDoS toolkit that has been associated with recent DDoS attacks make it possible for “counter-attackers to obtain access to the Command and Control database backend, and potentially server-side files.” That level of access, says Prolexic, would allow a network operator to halt an attack in real time.

-Thinking of downloading an “unofficial” app for your cellphone or tablet? News from security vendor Arxan, which makes tools for protecting apps from tampering, may give you pause. The company has released the details of a study reporting that more than 90 percent of the apps being sold at Apple’s App Store (and all of the top 100 apps originally found in Google’s Android app marketplace, Google Play) have been hacked by cybercriminals. The hacked versions, which are subsequently posted in various online outposts, contain modifications that, from the consumer’s standpoint, range from the seemingly benign (extrication of ads) to the nefarious (malware that could steal data or turn a device into a zombie used to attack other machines). An Arxan spokesman says that for an experienced hacker, reverse engineering an app is trivial. “Android Java apps can be easily and trivially decompiled back to source code. Native Android and iOS apps are relatively easy to reverse-engineer as well,” the Arxan study says.

-Saudi Aramco, Saudi Arabia’s national oil and gas company, reported on 15 August that some of its systems had been hacked. Saudi Aramco insisted that the attack had not affected any core business systems, nor its petroleum production operations. On 17 August, a team of hackers calling itself the Arab Youth Group claimed responsibility for the online attack. Security experts note that the corroborating details the group provided to prove that it was behind the disturbance suggest a link between the Aramco attack and a new bit of destructive malware called Shamoon that is being used to target energy companies. Though Aramco has admitted that the network disruption was caused by a computer virus, it has not revealed the extent of the damage or whether its computers have been disabled. Shamoon reportedly covers its tracks by overwriting files and a PC’s master boot record, making it impossible to boot up the machine. According to a Computerworld article, the Arab Youth Group said the attack was its way of lashing out against the Saudi government’s support of Israel and the United States.

-According to the British Retail Consortium, cybercrimes cost U.K. retailers £205.4 million over the past year. Though that sounds like a pittance compared with the overall revenues that businesses rake in, the survey reports that retailers lost 0.75 percent of the value of online sales to theft or fraud, more than twice the loss rate they suffer in their brick-and-mortar operations. Because e-commerce sales increased by 15 percent in 2011 and now account for 10 percent of total retail spending in the U.K., the BRC concludes that e-crime is the “biggest emerging threat” to retailers.


Why the Internet Needs the InterPlanetary File System

Peer-to-peer file sharing would make the Internet far more efficient


When the COVID-19 pandemic erupted in early 2020, the world made an unprecedented shift to remote work. As a precaution, some Internet providers scaled back service levels temporarily, although that probably wasn’t necessary for countries in Asia, Europe, and North America, which were generally able to cope with the surge in demand caused by people teleworking (and binge-watching Netflix). That’s because most of their networks were overprovisioned, with more capacity than they usually need. But in countries without the same level of investment in network infrastructure, the picture was less rosy: Internet service providers (ISPs) in South Africa and Venezuela, for instance, reported significant strain.

But is overprovisioning the only way to ensure resilience? We don’t think so. To understand the alternative approach we’re championing, though, you first need to recall how the Internet works.
