Source: National Cyber Security – Produced By Gregory Evans Today is Data Privacy Day. As we say every year, Data Privacy Day is more than just a 24-hour period when you try to keep safe online. It’s a day to think about changes you can make in your digital life that will keep you safer […]
The 2019 cybersecurity landscape was once again littered with attacks. From the resurgence of ransomware to mega data breaches, cybercriminals continue to target organizations and individuals around the world. In addition to the sheer volume of attacks in 2019, the industry also witnessed a mix of old and new threats with hackers using their standard playbook of phishing, botnets, malware, and DDoS to launch more sophisticated attacks with artificial intelligence (AI) and machine learning (ML).
But threats were not the only things that evolved in 2019. The technology being developed and used to counter these attacks – as well as the corporate “value” assigned to security – also continued to evolve. Organizations are investing more in security research teams and bug bounty programs, and new training resources are helping companies reduce insider threats.
As we move into 2020 and the new decade, there have been a lot of cybersecurity predictions and trends grabbing headlines. Here are five that caught our attention:
1) The Shortage of Qualified Cybersecurity Professionals Worsens
The lack of skilled cybersecurity professionals continues to be a paramount issue for the industry as it moves into 2020. According to the 2019 Workforce Report from (ISC)2 there are currently approximately 1.3 million open cybersecurity positions worldwide. In the U.S. alone, CyberSeek currently shows more than 500k job openings (with an average base salary of approximately $96,000 USD). To help change this trend, the industry must continue to take a multipronged approach that not only focuses on creating technology that empowers professionals, but also building on formal education and development programs, and expanding the talent pool. Interested in understanding the job satisfaction level of current security professionals? This recent Help Net Security article explores that dynamic in more detail.
2) Will You Be Cloud Smart?
Cloud everything continues to rise, including concerns with cloud data loss, unauthorized access, misconfiguration, encryption and more. As a matter of fact, 93% of organizations are moderately to extremely concerned about cloud security. But how organizations adapt to these cloud security challenges will be interesting in 2020. There’s no shortage of predictions around this topic as some experts predict a rise in misconfiguration leading to more breaches, while others look to new SaaS SIEM solutions and alliances to move the market forward. Check out these articles from Solutions Review and Forbes to learn more.
3) Artificial Intelligence and Machine Learning as a Tool for Us and Them
When it comes to cybersecurity, metaphorically speaking, humans are the tortoise and threats are the hare. While we might not be able to keep up with the sheer volume of attacks hitting networks, innovation around AI and ML is helping to accelerate early identification of and response to these threats, especially new ones. Unfortunately, hackers are already using this technology to acquire knowledge for AI models, to better conceal malicious code in applications, and much more. As we move into 2020, we could see new AI-modeled malware that evades sandboxing or AI-enabled spear phishing that further increases attacks at scale. Read more about the impact of AI and ML in cybersecurity with these articles from CISO, CIO, and Security Magazine.
4) Cybersecurity and Risk Management Tops Priority List for CIOs
According to the National Association of State Chief Information Officers (NASCIO), cybersecurity is the number one priority when it comes to 2020 strategies, policies and management processes. Security Enhancement Tools claimed the fourth spot on their list of Top 10 Technologies (with Cloud Solutions, Legacy App Modernization and Data Analytics rounding out the top three). Interestingly enough, Forrester Research’s 2020 predictions focused on a different set of challenges that includes talent acquisition and retention, data strategies, and automation. Can you guess what tops the list for CFOs? Check out this Crain’s New York Business article to find out.
5) The IoT Security Problem Grows
The rise in IoT devices continues to present challenges for security teams tasked with securing corporate networks. With IoT attacks up significantly in 2019 (Kaspersky reported an increase from 12 million in the first half of 2018 to 105 million in the first half of 2019), it’s no surprise that many in the industry predict major growth around this attack vector, as hackers enlist compromised devices to launch large scale attacks. Combating this threat means organizations must increase the attack surfaces they monitor, utilize new solutions that simplify management, and reduce the false-positive security alerts that often plague IoT solutions. A recent article from CISO Magazine outlines some of the more unique attacks, which include an Internet-connected gas station and connected coffee machine attacks.
This list easily could have included 10-20 more fascinating trends, predictions, and challenges. We’ll be sure to keep a keen eye out to see what hits and what misses in 2020.
*** This is a Security Bloggers Network syndicated blog from Bricata authored by Bricata. Read the original post at: https://bricata.com/blog/security-trends-2020/
The post #cybersecurity | #hackerspace | 5 Security Trends and Predictions to Watch in 2020 appeared first on National Cyber Security.
Source: National Cyber Security – Produced By Gregory Evans There’s an art to reporting security metrics so that they speak the language of leadership and connect the data from tools to business objectives. Much is at stake when reporting security metrics. This data is critical for management to evaluate security programs and justify further investment […]
Source: National Cyber Security – Produced By Gregory Evans Aleksei Burkov, an ultra-connected Russian hacker once described as “an asset of supreme importance” to Moscow, has pleaded guilty in a U.S. court to running a site that sold stolen payment card data and to administering a highly secretive crime forum that counted among its members […]
Whenever we hear about major cyber security attacks such as data breaches, it’s typically larger enterprises that are the victims. That makes sense, considering those events can potentially impact a lot of people and therefore are more likely to grab headlines and garner attention.
But that doesn’t mean small and mid-sized companies (SMBs) are immune to such attacks. In fact, smaller organizations are frequent targets of cyber incidents, and they generally have far fewer resources with which to defend themselves.
A recent study by the Ponemon Institute, which conducts research on a variety of security-related topics, presents a clear picture of the cyber security challenges SMBs are facing. The report, “The 2019 Global State of Cybersecurity in SMBs,” states that for the third consecutive year small and medium-sized companies reported a significant increase in targeted cyber security breaches.
For its report, Ponemon conducted an online survey of 2,391 IT and IT security practitioners worldwide in August and September 2019, and found that attacks against U.S., U.K., and European businesses are growing in both frequency and sophistication.
Nearly half of the respondents (45%) described their organization’s IT posture as ineffective, with 39% reporting that they have no incident response plan in place.
Cyber criminals are continuing to evolve their attacks with more sophisticated tactics, and companies of all sizes are in their crosshairs, noted Larry Ponemon, chairman and founder of the Ponemon Institute. The report shows that cyber attacks are a global phenomenon, as is the lack of awareness and preparedness by businesses globally, he said.
Overall, cyber attacks are increasing dramatically, the report said. About three quarters of the U.S. companies surveyed (76%) were attacked within the previous 12 months, up from 55% in a 2016 survey. Globally, 66% of respondents reported attacks in the same timeframe.
Attacks that rely on user deception are on the rise, the study said. Overall, attacks are becoming more sophisticated, with phishing (57%), compromised or stolen devices (33%), and credential theft (30%) among the most common attacks waged against SMBs globally.
Data loss is among the most common impacts of cyber security events. Worldwide, 63% of businesses reported an incident involving the loss of sensitive information about customers and employees in the previous year.
SMBs around the world increasingly are adopting emerging technologies such as mobile devices and apps, the Internet of Things (IoT), and biometrics, despite having a lack of confidence in their ability to protect their sensitive information.
Nearly half of the survey respondents (48%) access more than 50% of their business-critical applications from mobile devices, yet virtually the same portion of respondents said the use of mobile devices to access critical applications diminishes their organization’s security posture.
Furthermore, a large majority of respondents (80%) think it is likely that a security incident related to unsecured IoT devices could be catastrophic. Still, only 21% monitor the risk of IoT devices in the workplace.
The report also suggests that biometrics might finally be moving toward the mainstream. Three quarters of SMBs currently use biometrics to identify and authenticate users or have plans to do so soon.
Small and mid-sized companies can take several steps to bolster their cyber security programs. One is to educate users and managers throughout the organization about the importance of strong security and taking measures to keep data safe.
Because so many attacks begin with employees opening suspicious email attachments or clicking on links that lead to malware infestations or phishing, training users to identify these threats is vital. Companies can leverage a number of free training resources online to help spread the word about good security hygiene.
Smaller companies, particularly those with limited internal cyber security skills, can also consider hiring a managed security services provider (MSSP) to help build up a security program. Many of these firms are knowledgeable about the latest threats, vulnerabilities, and tools, and can help SMBs quickly get up to speed from a security standpoint.
And companies can deploy products and services that are specifically aimed at securing small businesses. Such tools provide protection for common IT environments such as Windows, macOS, Android, and iOS devices. They are designed to protect businesses against ransomware and other new and existing cyber threats, and prevent data breaches that can put personal and financial data at risk.
Some of these offerings can be installed in a matter of minutes with no cyber security or IT skills required, which is ideal for smaller companies with limited resources and a need to deploy stronger defenses quickly.
When you buy a cloud-connected appliance, how long should the vendor support it for with software updates? That’s the question that home audio company Sonos raised this week when it dropped some unwelcome news on its customers.
The company has announced that it will discontinue software updates for older products in May this year (here’s a list of products that it marks as legacy). Stopping software updates for legacy kit is nothing new, but it’s the way the company has done it that has Sonos customers’ hackles up.
Sonos points out that it supports software updates on products for at least five years after it stops selling them. However, the issue here is that all products in a Sonos network must run on the same software, meaning that any newer (‘non-legacy’) equipment connected to the speakers will also stop downloading new software updates. The only way around this for Sonos users is to disconnect their new equipment from their legacy kit and run them independently of each other.
From Sonos’s email to customers:
Please note that because Sonos is a system, all products operate on the same software. If modern products remain connected to legacy products after May, they also will not receive software updates and new features.
This carries service implications for users, because while products will continue working without software updates, it doesn’t mean that they will work as well. Sonos explains that as third-party connected cloud partners change their own services, they may become incompatible with the legacy software.
This isn’t just a product service issue; it’s a cybersecurity problem. Any cloud-connected equipment is potentially vulnerable to attack, and researchers frequently discover new exploits. Ugo Vallauri is co-founder and policy lead of the Restart Project, a European organisation that promotes user repairs of consumer electronics in a bid to cut down on e-waste. He told us:
A big issue is the lack of separation between security updates and software updates. While we can’t expect a product’s software to be improved indefinitely, security updates should be ensured for as long as possible. In this case, Sonos is not even mentioning security updates when suggesting that “legacy” products could continue to be used.
When we asked Sonos about this, it replied:
We take our customer’s security seriously and will work to maintain the existing experience and conduct critical bug fixes where the computing hardware will allow.
So perhaps there’s hope, but there’s no official policy that tells you exactly what to expect in terms of cybersecurity fixes.
Contrast that with computer software companies like Microsoft. It also ceases support for its products (a concept known as end of life, or EOL). However, it lets customers know about it years in advance, rather than giving them four months’ notice, as Sonos has done. It offers cybersecurity updates for an extended period and allows customers to buy extended support after that. And EOL Microsoft software connected to the network doesn’t affect software support for non-EOL software.
Sonos customers are furious. On the company’s forum, one, named Stueys said:
Just received the legacy email that tells me that half my 10 unit system will be obsolete from May. So it appears that I can either pile more money into Sonos, accept that my modern equipment (less than 2 years old) will no longer be updated because I have the audacity of being a long term customer or go somewhere else.
So how long should companies maintain software support for their products?
Gay Gordon Byrne is executive director of the Repair Association, a US non-profit that advocates for the right for people to repair products. She told us:
There are ZERO support obligations in the US. There are no requirements that any product be updated for any reason other than for “Defect Support”. Even fixing known defects is voluntary until/unless there is a mandatory recall or other banishment, such as when the Samsung Galaxy 7 phones were so prone to battery fires that they were prohibited on planes.
We asked Sonos why it couldn’t have introduced a software feature that would enable newer products to maintain backwards compatibility with older products. After all, games console vendors engineer entire operating systems to be backwards-compatible with old games, which is a much tougher task. We’ll update this article when the company responds.
Stueys asked Sonos:
So I can make an informed decision Sonos must now publish the support windows for all products currently available. At least try to recover some credibility.
We put this to Sonos, and it restated that it will support products with regular software updates for at least five years after it stops selling them.
Sonos explains that if customers don’t want to keep their old legacy kit, they can trade up. This program, announced in October 2019, gives customers a 30% credit for each legacy product they replace.
There’s a catch, though: to take advantage of the trade-in deal they have to activate ‘recycle mode’, which is effectively a kill switch for legacy equipment. Activating this mode deliberately bricks Sonos equipment in 21 days with no chance of recovery. It’s designed to stop legacy kit from falling into the hands of second-hand customers and degrading their experience, Sonos told The Verge.
All this leads to a bigger question: Do you really own your equipment when it’s connected to a cloud service? Companies have trampled over user rights in the past, such as when Nest bought IoT home hub device Revolv and then bricked all the devices in the field. It’s an ongoing problem and we document other examples.
Increasingly, products are rendered useless via software before they are physically obsolete. We first experienced this with mobiles and tablets, but we will experience this with many of the products we buy. This is totally unacceptable, given their cost to consumers and their environmental cost.
The post Sonos’s tone-deaf legacy product policy angers customers – Naked Security appeared first on National Cyber Security.
Industrial control systems taken to pieces in ‘drama-filled’ live hacking event
The inaugural edition of Pwn2Own Miami closed its doors on Thursday (January 23), with organizers from Trend Micro’s Zero Day Initiative (ZDI) heralding the industrial control systems live hacking event a success.
Taking place as part of the S4 industrial security conference, Pwn2Own Miami took a similar format to ZDI’s established hacking contests in Vancouver and Tokyo, but with a specific focus on industrial control systems (ICS) instead of PCs or mobile devices.
Over the course of the three-day event, more than $250,000 in prizes were handed out, as hackers demonstrated a string of exploits that made short shrift of many leading ICS platforms that are used to run organizations within the manufacturing, heavy industry, and critical infrastructure sectors.
Among the highlights of Pwn2Own Miami, Steven Seeley and Chris Anastasio successfully demonstrated a denial-of-service (DoS) exploit against the Triangle Microworks SCADA Data Gateway.
The hackers went on to achieve remote code execution in both Inductive Automation’s Ignition platform and the Rockwell Automation Studio 5000 design software.
Pwn2Own Miami is the world’s first ICS-focused live hacking event
Operating under the ‘Incite Team’ banner, the pair netted a total of $50,000 and were crowned ‘Masters of Pwn’.
Discussing the reaction to the debut Pwn2Own Miami, Brian Gorenc, director of vulnerability research and head of Trend Micro’s ZDI program, told The Daily Swig: “It has definitely been a successful debut in the ICS world.
“We had tons of interest in the contest as the event approached, and it all played out on the contest floor. We have had over 10 successful entries, several partial wins, and a couple of failures. [It was a] very drama-filled event.”
He added: “Some of the most interesting entries involve the researchers chaining numerous vulnerabilities together to gain code execution. One of the teams chained five vulnerabilities together to gain code execution on an HMI target. Quite impressive!”
Looking ahead, Gorenc said ZDI would be looking to make more of an impact on the ICS space.
“[We] plan to continue to bring our unique brand of researcher engagement to this community,” he said.
“Vulnerabilities submitted in these targets will continue to be purchased through the ZDI program throughout the year. We hope the increased exposure with the ICS community will result in more submissions outside of Pwn2Own Miami.”
The team may have to wait a little while to advance their plans in the ICS sector, however, as preparations are already underway for the flagship Pwn2Own live hacking event, scheduled to take place in Canada in March.
“With just eight weeks between contests, the team will be hard at work to ensure the flagship contest is successful,” Gorenc said. “We look forward to seeing what research is demonstrated.”
Check out the ZDI blog for a full list of the exploits that were showcased during Pwn2Own Miami.
Our first cyber security round-up of 2020 details updates to NHSmail and advice from the National Cyber Security Centre on the use of Windows 7, after Microsoft officially ended support for the platform.
Three-quarters of healthcare organisations suffered a cyber-attack in 2019
New research by data security provider Clearswift suggests that more than three-quarters (67%) of healthcare organisations in the UK have experienced a cyber security incident in the past year.
The research, which surveyed senior business decision-makers within healthcare organisations, found that almost half (48%) of incidents within the sector occurred as a result of introduction of viruses or malware from third-party devices – including IoT devices and USB sticks.
The survey found that further causes of cyber security incidents included employees sharing information with unauthorised recipients (39%), users not following protocol/data protection policies (37%), and malicious links in emails and on social media (28%).
The report once again highlights the serious threat that data breaches and malicious attacks pose to health data in the UK.
Alyn Hockey, VP of product management at Clearswift, said: “The healthcare sector holds important patient data, so it is alarming to see such high numbers of security incidents occurring in the industry.
“The healthcare sector needs to securely share data across departments and organisations in order to facilitate excellent patient care.
“With the proliferation of third-party devices in this process, it’s more important than ever that the industry bolsters its cyber security efforts to reduce the risk of everything from unwanted data loss to malicious attacks and focusses on keeping patient data safe and secure.”
NHSmail updates to improve security and user experience
NHS Digital is updating NHSmail to improve cybersecurity and save some 40,000 manual work hours for staff.
Dan Jeffery, head of innovation, delivery and business operations at NHS Digital’s Data Security Centre, detailed a number of improvements being made to the NHSmail platform around security, identity verification and user experience in a blog post on 6 January.
This includes a system to automate the movement of user accounts between NHSmail organisations that Jeffery said would lead to “millions of pounds worth of efficiency savings.”
A password synchronisation micro-service allowing users to synchronise their password from the NHS Directory to their local active directory, and behavioural and transactional analysis providing insight into user behaviour, are also in the pipeline.
Jeffery said: “NHSmail is more than just an email service. The system manages the identities of all users within the Microsoft Active Directory in the NHS and allows local administrators to manage accounts within the NHSmail portal.
“Typically, NHS organisations will manage local identities within their own Active Directory and use the NHS Electronic Staff Record for workforce management, including the on-boarding and off-boarding of employees.
“With more than 13,000 health and care organisations in England and Scotland using NHSmail and 64,000 movements of user accounts every month, the burden is real and the security implications relating to identity are acute. But that also means the opportunity for improvement is significant.”
NCSC warns against using Windows 7
The National Cyber Security Centre (NCSC) has warned the public not to use Windows 7 to access internet banking or email applications after Microsoft pulled support for the operating system last week.
NCSC, the public-facing arm of the UK’s GCHQ intelligence service, urged people running the now-outdated Windows 7 to upgrade to Windows 10 in order to avoid possible cyber security attacks.
Microsoft officially ended support for Windows 7 on 14 January, meaning computers running the software will no longer receive security and other important updates.
“The NCSC would encourage people to upgrade devices currently running Windows 7, allowing them to continue receiving software updates which help protect their devices,” an NCSC spokesman said in a statement.
“We would urge those using the software after the deadline to replace unsupported devices as soon as possible, to move sensitive data to a supported device, and not to use them for tasks like accessing bank and other sensitive accounts.
“They should also consider accessing email from a different device.”
Poll suggests half of people “wouldn’t know” warning signs of cyber security incident
Almost half of respondents to a Twitter poll run by Infosecurity Europe admitted that they would be completely unaware if a cyber security breach occurred in their organisation.
In answer to the question: “If a cyber breach occurred, how quickly could you discover it?” 47.6% conceded they simply would not know.
The poll was designed to explore incident response, an area that has come under recent scrutiny following Travelex’s response to its New Year’s Eve cyber-attack, which left many of its systems down and impacted travel currency sales.
According to Maxine Holt, research director at Ovum, this reflects a widespread issue. “Discovering a breach well after the event is usual. Uncovering breaches is not easy, but proactive threat hunting is an approach being increasingly used by organisations.
“Regularly scanning environments to look for anomalies and unexpected activity is useful, but it can be difficult to deal with the number of resulting alerts. Ultimately, effective cyber hygiene involves having layers of security to prevent, detect and respond to incidents and breaches.”
The poll also examined risk insight, asking: “What understanding do you have of your information assets?” A worrying 44.7% revealed they had “very little” understanding, with 30.7% stating they had “some” – and only 24.7% said their grasp was “comprehensive”.
Bev Allen, CISO at Quilter, said: “Many companies don’t know what or where all their information assets are. They may think they do; but if they’re wrong this leaves them vulnerable to breaches. Consistent knowledge of your assets takes effort; you need tools and systems to record what you have, you need people to follow appropriate processes, and you need to search to find out what you don’t know about and where it is. This search must be done regularly.”
The post #nationalcybersecuritymonth | Cyber security news round-up appeared first on National Cyber Security.
Source: National Cyber Security – Produced By Gregory Evans America is in a worldwide war, but it’s not a traditional war on a traditional battlefield. It’s an information war that is being fought electronically on the internet. The outcome could help to shape the future of American democracy just as certainly as a war with […]
Mega-big online gaming company Ubisoft, maker of mega-hit games including Assassin’s Creed, Far Cry, Just Dance and Tom Clancy’s RainbowSix: Siege (R6S), is suing four operators of the DDoS-for-hire sites that have been launched against its RainbowSix servers.
These guys aren’t just launching attacks that kick all players on a targeted server out of a game, or degrade the game performance down to sludge, Ubisoft alleges. They also allegedly went so far as to throw up a bogus domain seizure notice on one of their sites, claiming that the domain had been seized by “Microsoft Inc. and Ubisoft Entertainment” pursuant to a fictional “Operation(D)DoS OFF”, according to the complaint (posted courtesy of Polygon) that Ubisoft filed on Thursday in the US District Court of Northern California.
Ubisoft says it was part of the operators’ attempts to rub out their tracks:
Defendants are well aware of the harm that the DDoS Services and DDoS Attacks cause to Ubisoft. Indeed, knowing that this lawsuit was imminent, Defendants have hastily sought to conceal evidence concerning their involvement.
It’s not just alleged DDoS-for-hire operators who knew this lawsuit was coming. Everybody in the gaming world knew. Ubisoft picked up on an increase in DDoS attacks in September 2019, banned the worst offenders, and said that it was talking to its legal team about legal action.
Last week, Ubisoft filed the complaint against five people whom it thinks run a network of four distributed denial of service- (DDoS)-for-hire services via various domain names and websites – the websites SNG.one, R6S.support, r6ddos.com, and (could they possibly be more redundant?) stressed-stresser-stressing-stressers.com – and that they hide behind various anonymous online aliases to do so.
The defendants: Dennis Kruk (based in Germany), Maximilian Kuehl (Germany), Kelvin Uttih (Nigeria), an individual identified as B.R. (the Netherlands), and an individual identified only by their email address: firstname.lastname@example.org.
Booter who, now?
Stressers – also known as booters or DDoS-for-hire – are publicly available, web-based services that launch server-clogger-upper attacks for a small fee or, sometimes, none at all.
As befits the “stresser this” and “stresser that” brand names for a lot of these services – besides the stresser-stressy-stress-o-matic name mentioned in the complaint, such services have included ExoStresser, QuezStresser, Betabooter, Databooter, Instabooter, Polystress, and Zstress – DDoS-for-hire sites sell high-bandwidth internet attack services, sometimes under the guise of “stress testing.” SNG.ONE does the same: its site describes it as a “penetration testing service.”
DDoS attacks are blunt instruments that work by overwhelming targeted sites with so much traffic that nobody can reach them. They can be used to render competitor or enemy websites temporarily inoperable out of malice, lulz or profit: as in, some attackers extort site owners into paying for attacks to stop.
One example is Lizard Squad, which, until its operators were busted in 2016, rented out its LizardStresser attack service. LizardStresser was given a dose of its own medicine when it was hacked in 2015.
You might remember Lizard Squad as the Grinch who ruined gamers’ Christmas with a DDoS against the servers that power PlayStation and Xbox consoles – an attack it carried out for our own good.
For our own good, as in, the attackers didn’t feel bad: some kids would just have to spend time with their families instead of playing games, one of them said at the time.
These services, in other words, are used a lot in the online gaming world. Booter-based DDoS attack tools offer a low barrier to entry for users looking to engage in cybercrime. Indeed, hiring a service to paralyze your enemies’, your competition’s and/or your targets’ sites makes it as easy as simply handing over the money, no technical skill required… nor much money.
Chump change for cheaters
In April 2018, when the world’s largest DoS site – Webstresser.org – got busted, we got a look at the paltry sums the crooks were being charged for unleashing mayhem. According to Webstresser’s pricing table, archived before the site was taken down, memberships were $18.99/month for the “bronze” level, and $49.99/month for a “platinum” service.
According to Ubisoft’s suit, the defendants sell subscriptions for up to $299.85 for “lifetime” access to a server that dishes out DDoS attacks. The subscription tiers include Starter, Advanced and “Full Time B00ter.” Monthly pricing starts at 10 Euros (about USD $11.11) and goes on up to 270 Euros (about USD $299.85) for “lifetime” access.
Besides R6S, the complaint included a screenshot that also showed Fortnite, FIFA 20, and Call of Duty: Modern Warfare 4 as potential targets.
There are a whole lot of DDoS-for-hire services out there, but the ones named in the complaint are specifically aimed at Ubisoft games. The operators of the services not only named their offerings using Rainbow Six Siege references; they’ve also “gone out of their way” to taunt Ubisoft support, the complaint notes.
For example, the complaint included a screenshot of a tweet that mocked Ubisoft’s security efforts, including the company’s efforts to ban users of the DDoS services.
As Polygon reports, DDoS attacks are the tools of cheaters.
Cheating players use the attacks to create lag, slow the matches down and frustrate legitimate players into quitting. Ordinarily, quitting a match earns a penalty and gives the remaining player ranked points without having to do anything.
Ubisoft asked the court to shut down the alleged cheaters’ websites and to award damages and fees.
SNG.ONE hasn’t responded to media inquiries.
The post Ubisoft sues DDoS-for-hire operators for ruining game play – Naked Security appeared first on National Cyber Security.