The week in security: Biggest DDoS ever as piracy linked to malware

A vulnerability in Apple's password-reset functionality sent the company scrambling for a solution, adding two-factor authentication as the US Federal Trade Commission tightened the screws, to the approval of many security experts.

Apple also took a stab at the Yontoo browser plugin, updating its anti-malware system to block the wayward ad-injecting software. Also on the ad front, the online advertising industry took on Mozilla over its decision to block third-party cookies in a future Firefox release – claiming that it will see more ads shown to users.

New malware was targeting point-of-sale software, and a new version of the TDL rootkit was also creating problems, using some sneakiness to twist the Chromium Embedded Framework to its own nefarious purposes. And while a study of Melbourne-bought pirated software confirmed it's often a security breach waiting to happen, this sort of thing is happening so often that pirated software isn't the only guaranteed way to get malware: in a climate where many malware strains are proving unstoppable and antivirus software isn't keeping up with new malware, even major Web sites aren't completely free of interference from hackers.

Neither are their emails, with Westpac the latest to be hit by an email scam. Wells Fargo was copping its share of DDoS attacks, while antivirus researchers identified a targeted email attack against Android-using political activists.

Their phones, some warn, may prove to be a cornucopia of information: many smartphones keep traces of files that are stored in cloud-computing services even when they're not supposed to, confirming researchers' warnings that cloud storage services leak data like sieves. Little wonder: Android, researchers have advised, has a target on its back as it becomes the favoured mechanism for cyberattacks.

HP has launched a free service to test some mobile and Web apps for common security issues, while a Forrester Research report suggests that ever more-popular mobile device management (MDM) is a “heavy-handed” approach to security that will change the way even laptops are managed.

With Android adware on the rise, it seems some people are willing to support an erosion of privacy in the name of better security. At Harvard University, however, email snooping has many concerned that the line will increasingly be crossed. Certainly, many gang-based cyberattackers are crossing that line – but system administrators can fight back with a number of IT security innovations.

In a week of escalating global security concerns, it was perhaps unsurprising that a NATO study found the Stuxnet malware attack on Iran was an "act of force", although it was held not to have had a serious enough impact to justify a response from Iran. But with enterprises running Java versions that are months out of date, most Java-enabled browsers vulnerable to common exploits, and malware-detecting 'sandboxing' proving to be far from foolproof, those seeking to defend against the likes of Stuxnet must keep their wits about them.

The damage from such attacks isn't limited to the immediate results: data breaches can have long-term implications for companies in terms of financial impact and loss of customer trust. Little wonder the UK government is stepping up its defences, with a new cyber-crimes unit called Fusion Cell debuting to allow security experts to monitor cyber attacks in real time.

They would have had quite a show watching the DDoS attack against anti-malware firm Spamhaus, which was hit with what was reportedly the largest DDoS attack ever observed. The attack grew out of a spat between Spamhaus and a Dutch company it had blacklisted, causing delays across the Internet as hackers pummelled the site with 300Gbps of rubbish.

Authorities are still looking into that one, while some noted it highlights the dangers of open DNS servers and others were forecasting such 'mega DDoS' attacks were on the rise. In the meantime, however, a Wisconsin, US man was charged for participating in an Anonymous DDoS attack.


Stories by David Braue
