Security News
Distributed denial-of-service attacks leveraging a new amplification technique called TCP Middlebox Reflection have been detected for the first time in the wild, six months after the novel attack mechanism was presented in theory. "The attack […] abuses vulnerable firewalls and content filtering systems to reflect and amplify TCP traffic to a victim machine, creating a powerful DDoS attack," Akamai researchers said in a report published Tuesday.
The Log4Shell vulnerabilities in the widely used Log4j software are still leveraged by threat actors today to deploy various malware payloads, including for recruiting devices into DDoS botnets and for planting cryptominers. The threat actor can then control this botnet to perform DDoS attacks against a specific target, depleting their resources and disrupting their online service.
Researchers have identified an alarming new trend in DDoS attacks that target packet inspection and content filtering devices to attain enormous 6,533% amplification levels. DDoS attacks are used to take down a server or corporate network by overwhelming network devices such as servers and routers with a large number of bogus requests or very high volumes of garbage data.
Renewed DDoS attacks have been launched against the websites of Ukrainian government agencies and banks. New data wiper malware has been discovered on Ukrainian computers, as well as machines in Latvia and Lithuania.
IBM's infosec division says the UK was one of the most targeted countries in Europe for cyberattacks last year. The 12-strong Lithuanian-led team - including members from Estonia, the Netherlands, Lithuania, Croatia, Romania and Poland - is visiting the Ukraine to help it defend against Russian cyberattacks both remotely and on-site in the country, an EU spokesman told the BBC. Separately, this afternoon another series of outages appeared to hit various Ukrainian government websites.
The sites of several Ukrainian government agencies and of the two largest state-owned banks are again being targeted by distributed denial-of-service attacks. Internet watchdog NetBlocks also confirmed that the websites of Privatbank and Oschadbank were being hammered in the attacks and knocked down together with Ukrainian government sites.
Neustar Security Services has released a report which details the ongoing rise in cyberattacks in 2021, with an unprecedented number of carpet bombing distributed denial of service attacks. Carpet bombing, in which a DDoS attack targets multiple IP addresses of an organization within a very short time, accounted for 44% of total attacks last year, but the disparity between the first and second half of 2021 was stark.
Today, the White House has linked the recent DDoS attacks that knocked down the sites of Ukrainian banks and defense agencies to Russia's Main Directorate of the General Staff of the Armed Forces. Neuberger also added that, although "of limited impact," these incidents could be part of a more significant Russian effort to prepare for other, "laying groundwork" for more disruptive attacks that would come together with a potential invasion of Ukraine's territory.
"The DDoS attacks against the Ukrainian defense ministry and financial institutions appear to be harassment similar to the previous DDoS attacks seen in January," Rick Holland, CISO at Digital Shadows, said via email. In the past two months, Russian- advanced persistent threats have been tied to an attack on 70 Ukrainian government websites, a wiper targeting government, non-profit and IT organizations, and increased attacks and espionage against military targets.
Unknown attackers mounted disruptive distributed denial-of-service attacks against several Ukrainian government organizations and state-owned banks on Tuesday. The DDoS attacks' impact on government sites and bank services.