Colleges have been a Rich hunting ground for cyber criminals and even with school out of session it appears there is no letup, The New Internet reports: June Busy Month for Cyber Criminals Targeting Colleges.
Most of these attacks are focused on stealing personal information from college records as well as directly from students. The .edu domain is in the process of rolling out DNSSEC, which will provide an authentication mechanism that will make many of these attacks more difficult. Yet very few colleges have adopted DNSSEC or are in the process of adopting DNSSEC. The cost is not significant nor is it difficult.
Also in this publication is a report on a DDoS attack that took down Australian news site Whirlpool.net.au:
Lorenzo Modesto, chief operating officer for the website’s hosting service Bulletproof Networks, said customers were alerted about the attack at 12:46 a.m. After immediately blocking Whirlpool IP addresses to observe it better, Bulletproof discovered the attackers were originating from Denmark and the United States, Modesto said.
Other Bulletproof customers were affected for around an hour, but Whirlpool was left offline until around 8 a.m. When the Bulletproof operations team tried to bring Whirlpool back online, the service went down within a minute.
“We unblocked them at 8 a.m. and within a minute or two, the denial-of-service attack was back on,” Modesto said. “We escalated the issue to block it upstream with our upstream providers. Once we provided them with the source IP addresses they actually blocked those IP addresses upstream.”
Denial of service attacks continue to be a problem that is difficult to address. Blocking IP addresses and taking sites like Whirlpool down for over 8 hours is not a good solution.
I am curious as to how high the traffic load was in this attack and whether there was any mitigation in place that failed to stop the attack.
Comments