Category Archives: DDOS

U.S. Grills China About Cyber Attacks — InformationWeek

Chinese IP addresses have been implicated in numerous, recent distributed denial of service attacks, which top State Department officials see as a human rights issue.

In another sign that the United States government is concerned with the threat of cyber attacks originating from China, a top State Department official recently raised the case of a hacked U.S. political site directly with the Chinese Ministry of Foreign Affairs, according to a letter released by the political group Change.org.

The site, which offers tools for online political campaigns, began to be victimized by distributed denial of service (DDOS) attacks in mid April, soon after it carried a petition for China to release Chinese artist Ai Weiwi, who helped design the centerpiece of the 2008 Summer Olympics, the “Bird’s Nest” National Stadium, and who was imprisoned earlier this year in the midst of a Chinese crackdown on political dissent.

The attacks raised the ire of congressional leadership, as both House minority leader Nancy Pelosi, D-Calif., and Rep. Rosa DeLauro, D-Conn., condemned the attacks and called on the State Department to take action and bring the hackers to justice.

In response, the State Department not only condemned DDOS attacks, like the one Change.org experienced, that are “designed to stifle free speech on the net,” but also raised the issue directly with the Chinese Ministry of Foreign Affairs in late April, according to a letter from the State Department to Rep. DeLauro that was released by Change.org. The letter indicates that deputy assistant secretary of state Dan Baker raised the issue of the attack with the Chinese government during a dialogue on human rights.

“The Department will continue to press China on the importance of an open and unrestricted Internet,” says the letter, written by acting assistant secretary of state for legislative affairs Joseph Macmanus. “As part of the State Department’s Internet freedom initiative, we support efforts to protect groups and individuals from such attacks.”

The attack is only one of a number of recent attacks said to originate from China. Google in late Mayannounced that hundreds of its Gmail users, including senior U.S. officials, had been the targets of a spear-phishing campaign that originated in China. A February attack on the G-20 was similarly traced to Chinese IP addresses, and China has also been reportedly eyed in recent attacks on the International Monetary Fund. Leaked State Department cables indicate that the Chinese have been attacking U.S. government agencies and companies since at least 2002.

via U.S. Grills China About Cyber Attacks — InformationWeek.

Advertisements

Interop: Cyberwar test runs yield information about defenses

Cyber warfare strategy is getting so sophisticated that network attacks suitable for major assaults are being used instead as trial runs meant solely to probe enemies with the aim of figuring out what their defenses are, an audience at an Interop security talk was told.

A distributed denial of service (DDoS) attack against South Korea earlier this year was delivered from a multilayered botnet that persisted for 10 days then halted with command and control servers flushing the bot software out of the zombie machines, according to Brian Contos, director of global security strategy for McAfee

The attack — McAfee called it 10 Days of Rain — came from a difficult to take down, multi-tiered botnet set up by North Korea, he says. Then the botnet suddenly stopped its attack and deleted itself from the systems it had taken over.

via Interop: Cyberwar test runs yield information about defenses.


DDoS Attacks by Contract on Sharp Rise

As I monitor these news articles N. Korea comes into the China picture. I will now add Korea Cyber information into the mix. –vet4life

The Korea Internet & Security Agency (KISA) has found that DDoS attacks from China, which are presumed to be made by contract, are on a sharp rise.

“Existing DDoS attacks stopped when the hackers received money from the site after attacking a site three or four times,” said an employee of the KISA. “Contract DDoS attacks, however, continue in the form of a long-term cyber battle until the demand of the client is met.”

The Lineage Community P Site, an online café for a popular online game, was attacked via an IP from China for four days last month. “We received an email which threatens to continue DDoS attacks from an intimidator presumed to be a Chinese hacker unless we stop advertizing a specific company,” said a manager of the site. “We are at a loss as we can neither stop the advertisement for keeping the site alive nor become a target of DDoS attacks.”

The cost of instigating Chinese hackers to launch DDoS attacks varies depending on the size of a target site. But it is not so high, generally ranged from several hundred of thousands won to several millions, which has increased such cyber attacks by Chinese hackers who are hired by those who want to disturb business of their rivals or bear a grudge.

via 대한민국 IT포털의 중심! 이티뉴스.

—  http://english.etnews.co.kr/news/detail.html?id=201105110008


Change.org victim of DDoS attack from China

Change.org, an online petitioning platform, has come under an ongoing distributed denial of service (DDoS) attack originating from China after the site hosted a call urging Chinese authorities to release artist Ai Weiwei from custody.

The attacks, which started late Sunday, have nearly brought down the site, according to Change.org founder Ben Rattray.

DDoS attacks work by using hundreds or thousands of hacked computers to send traffic to a website, overwhelming it with data so it becomes inaccessible to normal users.

ROUNDUP: The DDoS Hall of Shame

Related Content

PayPal CISO: DDoS one big security threat among many

WordPress: DDoS attacks came from China

Has progress been made in fighting DDoS attacks?

Cisco and NSS Labs still arguing firewall vulnerability test results

View more related content

Get Daily News by Email

Change.org said the current attack originates from an expanding group of computers primarily based in China, and has yet to stop. This is the first time the site has been hit with a DDoS attack.

Change.org has been hosting a online petition calling for the release of Chinese artist Ai Weiwei, who is currently under arrest. The petition has attracted almost 100,000 people from 175 countries, making it one of Change.org’s most successful international campaigns, Rattray said.

“It’s pretty clear the attack is in response to the campaign,” he added. “It’s extraordinary that somebody in China with a high-level of technical sophistication can impact the ability for people around the world to organize.”

The online call coincided with demonstrations across the world this past Sunday, which also called for the artist’s release. Ai, who is also known for his activism, has been detained as part of a Chinese government crackdown on political dissidents in the country.

Authorities in the country have arrested other human rights activists and clamped down on the information flow, following previous online postings that began in February calling for a “Jasmine revolution” against the Chinese government.

Change.org is currently blocked in China. Internet censors in the country regularly block sites that are deemed to politically sensitive.

Despite the block, the computers involved in the DDoS attack are managing to find a way around the country’s national Internet firewall, said Rattray.

In the past, other sites have been the victims of cyber attacks coming from China. This March, blog publishing platform WordPress.com also reported being hit with a DDoS attack originating from China.

Chinese hackers have also allegedly launched cyber attacks to steal data from foreign energy accompanies, according to security vendor McAfee. In 2009, Google was also the victim of an attack originating from China that was aimed at accessing the Gmail accounts of human rights activists

The Chinese government has previously responded to these reports by denying it is involved in any cyberattacks, adding that China has also been a victim of hacking attempts.

The true source of DDoS attacks is often unclear. Although Change.org has traced the current attack to servers in China, it is also possible the computers are under the control of hackers based in another country.

Change.org reports that both the FBI and U.S. State Department are looking into the DDoS attack.

“We won’t stop or take down anything because of this DDoS attack,” Rattray said. “We believe in the fundamental right of the people to organize around issues they care about it.”

via Change.org victim of DDoS attack from China.