cybersecurity

DDoS on X was avoidable, but inevitable

The DDoS attack on X.com this week provided a certain amount of schadenfreude for people less than enamored of Elon Musk. It also rang alarm bells in the cybersecurity community, as that style of attack seems to be making a comeback, and not for financial gain. All indications are that corporations and, in particular, government institutions are not ready to repel attacks motivated by political revenge.

Security intelligence company Fletch.ai this week identified multiple ongoing attacks around the world targeting corporations for a variety of political positions, depending on which side the entities supported. Issues include the Ukraine/Russia war, Palestine/Israel, immigration, tariffs and just plain political leanings.

Musk blamed Ukrainian hackers for the attack on X (aka Xitter), but because DDoS attacks use multiple servers around the globe, it is difficult to identify a particular source. However, Fletch and other analysts identify pro-Russian and pro-Chinese hacktivist groups behind most of the attacks, using tried-and-true botnets.

Cheap and easy

Mithilesh Ramaswamy, a senior security engineer at Microsoft, said compute and cloud infrastructure are cheap now, creating a low barrier to entry. “Even renting a botnet or using a DDoS-for-hire service is relatively simple and inexpensive.”

Dependency on cloud services also makes organizations vulnerable when they rely heavily on third-party services or microservices architectures, he explained, allowing attackers to exploit integration weak points and unleash large-scale disruptions with targeted floods of traffic.

Cloudflare reported blocking a record-breaking 5.6 Tbps DDoS attack carried out by a Mirai-variant botnet. The significant increase in DDoS attacks in 2024, with a 53% rise from the previous year, underscores the growing threat. Fletch reported that the BadBox botnet infected over one million Android devices in 2024. “Despite efforts to disrupt it, the botnet continued to grow, indicating the persistent and evolving nature of DDoS threats.”

A pro-Palestinian hacktivist group known as Dark Storm claimed responsibility for the attack on X.com, which caused major outages on the platform over the course of 48 hours. But that claim has not been verified.

Lax security

Ian Thornton-Trump, a well-respected security expert and current CISO for Inversion6, blamed lax security standards at X.com for the breach. He pointed out that the section of the X.com servers that was hit was not covered by their Cloudflare subscription. Cloudflare is primarily a third-party service that provides robust protection against DDoS attacks. The rise of these services helped drive the popularity of the attacks down over the past few years, but an organization still has to turn on the protection as it implements new data services. X apparently did not do that.


Scam bucket: Tech support fraud

Dealing with wonky printers is a universal frustration. According to Gartner studies, printers are by far the biggest technology problem, racking up 50 percent of all technical support calls worldwide. And that makes them a very profitable scam.


Here’s how it works. You’re sitting at home and want to print out a bill, letter, or other document and the printer hangs up. The little wheel is just spinning and spinning. After multiple tries you decide to call tech support to fix the problem. After 2 hours of sitting listening to the same song, interrupted by the recorded voice telling you your “call is important,” you start surfing for some sort of help. Your results show three or four sites for printer support and a free chat service.

You click one of them, still waiting on your phone for help, and immediately get someone in the chatbot who is very helpful and asks if they can be connected to your computer to see what the problem is. In the hope of being freed from frustration you click on a link and suddenly your “savior” is moving around your computer downloading “the latest printer driver.” It is only much later that you find he has found your banking information and has sucked your account dry.


Phishing grows but can be blunted

Phishing attacks are on the rise again with the help of sophisticated generative-AI tools. However, new defenses and increased wariness among potential victims are blunting phishing’s potential for widespread harm.

For the uninitiated, phishing is a foundational practice for all cybercrime. For the most part, it is a scatter-gun methodology, sending out as many emails, texts, social media posts, and even phone calls as possible to get victims to give up personal information or access sensitive files. There are billions of phishing attacks going on around the world every year. According to the FBI's latest report, losses in 2022 were more than $10 billion. The totals go up every year.

Phishing on the rise

Huntress recently issued a comprehensive report on the state of cybercrime that showed an alarming increase in the number of attacks in 2024 using no fewer than 285 different forms of attack. Modern attack methodologies go far beyond just sending out massive amounts of emails. They can also include an “urgent” voicemail or text urging the victim to immediately click on the link in an email, infiltrated reply chains, QR codes instead of links, and signature impersonations.

One new phishing kit is Astaroth, which was revealed in January by SlashNext, a cloud email security provider. Marketed primarily on the Telegram messaging platform, the kit sells for $2000 and includes free trials.


A new year and new problems

We open a new year and a new season with our friend, Ian Thornton-Trump, chief information security officer at the MSSP Inversion6, and in 30 minutes we take on some pretty meaty subjects.
First, we discuss how China strategically infiltrated technology systems in the US and other countries as a geopolitical message rather than attacks. He discusses the challenges of securing complex, interconnected systems and the need for proactive defense.
Next we review the rise of corporate power and influence and how the increasing wealth and influence of individuals like Elon Musk is disrupting the traditional balance of power in democracies. The ethical concerns around wealthy individuals wielding disproportionate political influence could result in something the oligarchs are not expecting.
Finally, we review potential trade wars and the possibility of Canada and Mexico joining the BRICS alliance.
2025 is going to be bumpy but very interesting.


Online platforms negate tools for shoppers

It’s officially the Christmas holiday shopping season and scammers are happily draining online shoppers’ gift budgets with wild abandon. The FBI warned consumers last week that holiday-related fraud is growing. E-commerce sales should exceed $260 billion this year and even if scammers maintain the same activity as 2023, they should come away with a cool $10 billion. No matter what the cybersecurity industry comes up with in the form of protections for consumers, it is negated by retail platforms like Amazon, Google and Temu.

The Federal Trade Commission (FTC) finds that individuals aged 18 to 39 are 25% more likely to fall victim to online shopping scams than older adults. These shoppers rely heavily on e-commerce platforms and social media ads that are scams disguised as unbelievable holiday deals.

Cutting back

One might think that online retailers are ramping up systems to curb that kind of abuse. You would be very wrong. According to recent reports, retailers are growing security spending by 8% in 2024, compared to rates of 16% and 17% seen in 2021 and 2022 respectively. In some cases, retailers are cutting security budgets.


AI making life hard for consumers and cybersecurity

The AI industry is supposed to make life easier for humanity. Since it first burst onto the scene it has, arguably, made life more difficult. Consumers and the cybersecurity industry, in particular, are struggling professionally, emotionally, and mentally to understand the value, if not the efficacy, of the technology.

Cyber Protection Magazine evaluated three surveys, from Armorcode, Arkose Labs, and Appdome, over the past few weeks. They agreed the public image of AI is untrustworthy, full of false promises, and something to be feared. In spite of this image, customers believe they must adopt and adapt to the technology, even if they don’t want to.


Poor marketing endangers society

In the past few weeks, as various security companies have published multiple studies about the state of cybersecurity, a common theme has arisen: Executives running the companies that purchase security tools and services are not sure their purchases have made them any safer. This widespread position in the market confirms the results of a months-long investigation by Cyber Protection Magazine that marketing practices in the industry are failing to do the job and, in the process, making society less safe.

Every report skews data toward convincing customers to add their company’s tools and services to their budgets. However, every report also finds that between 60 and 90 percent of managers have significant concerns and doubts about whether the tools they have, and the tools they are considering, will do the job that needs doing. The reasons for that lack of confidence are three-fold.

Three reasons for lack of trust

First, stuff is moving fast. Governments are legislating controls and protections faster than normal. Sometimes these rules don’t make sense and many in the industry think they are holding back innovation and adoption. Criminals and nation states are stepping up attacks that bypass established protections, and lawsuits for negligence are growing. Second, while understanding the need for security best practices is at an all-time high, that’s mainly because weaknesses due to work-from-home, generative AI and news about data breaches are also high. That means while understanding of the need is high, inexperience and ignorance are creating new opportunities for attacks.

“Many executives may not exactly understand how (the tools) work,” said Cache Merrill, founder of software outsourcing company Zibtek. “When there is a concern on the functionality of the tools or when attention is on what the tech teams understand without listening to them, anxiety is experienced. To put it simply, if they cannot see it, they will not put faith in it.”

Carl DePrado, an SMB IT consultant based in New York, said, “The sheer number of cybersecurity products and services can be overwhelming. This contributes to a sense of vulnerability, as they may not feel confident that they have covered all their bases.”


Pig butchering: Proving the Luddites right

Pig-butchering may be proving the Luddites were right. The social-engineering scam surpassed ransomware as the most profitable cybercrime approximately two years ago. After government regulations and law enforcement took a big bite out of returns for ransomware this past year, public-private partnerships are taking aim at the new champ.

TL;DR
* Pig butchering eclipses losses from ransomware
* Top targets are tech savvy people under 50
* Human error trumps cyber awareness
* Public/private partnerships making inroads at dismantling scam operations
* Tips to avoid scams
* Podcast with Arkose CEO

Between 2020 and 2023, scammers reaped more than $75 billion from victims around the world. Approximately 90 percent of the losses came from purchasing fraudulent cryptocurrency, according to the US Treasury Department’s Financial Crimes Enforcement Center. In comparison, ransomware attacks in that same period harvested $20 billion worldwide in ransoms and cost approximately another $20 billion in recovery costs.
