bank of america signs

Little and Large Websites Attacked

Little and Large Websites Attacked

The coordinated attacks used to knock a large number of websites offline grew became more powerful in the past months. According to the American company Prolexic who run the world’s largest and most trusted distributed denial of service (DDoS) protection & mitigation service, there has been an eight-fold increase in the average amount of junk traffic used to take sites down.

bank-of-america logo

Chase Bank Logo

citi bank logo

wells fargo logo

Attackers have moved on from just using compromised PCs in homes and small offices to flood websites with vast volumes of traffic, and are now using Web servers, which have vastly more more bandwidth available.

The recent ongoing attack on servers running the WordPress blogging application is constantly seeking new computing power that can be harnessed to form vastly bigger botnets.

Prolexic reported that well-financed attackers  are increasingly able to coordinate with fellow crime organizations in the large-scale assaults.

These types of attacks appear to be here to stay and can only be achieved by having access to significant resources  including manpower, technical skills and an organised chain of command.

The most prominent targets of the attacks have been the America’s largest banks, including Bank of America, Wells Fargo Bank, Chase Bank which at times have become completely unreachable following the flood of traffic.

Prolexic believes these attacks are not individual youngsters flexing their muscles, because the efforts involved in the harvesting of hosts, coordination, schedules,  specifics and the sheer military precision of the attacks suggests the presence of experienced criminals that recruit ‘digital mercenary groups’ to do their work for them.

San Francisco-based CloudFlare’s network was recently bombarded by data sent by more than 80,000 servers across the Internet that all appeared to be running WordPress.

Attackers will enter a legitimate user name along with passwords that are known to be invalid, which, when repeated millions of times overwhelms the servers as they perform database lookups and then report the authentication failure which the system struggles to record it in the internal logs.

The vast increase in applications such as WordPress and Joomla  could become to this decade what the early versions of Microsoft’s Windows XP were to the previous decade. In the 2000s it was easy to compromise desktop PCs and turn them into spam-sending engines or botnets to perform various nefarious acts.

Nowadays using a server that is at least ten times as powerful as a desktop computer can do a great deal more damage.

Recent Irish websites that have been attacked include the websites for the Department of Justice and the website of the Department of Finance.

Little and Large Websites Attacked

Irish Web Design

Tags: , , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,

Visit Us On TwitterVisit Us On FacebookCheck Our Feed