Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

DDoS reflection attacks are back -- and this time, it's personal

Maria Korolov | May 20, 2015
Attackers targeting personal computers on misconfigured home networks.

Finally, another attack vector that's just now starting to make an impact is domain hijacking.

"People are actually attacking the registries and getting their own information put in, so the big sites are losing control of their DNS infrastructure," Korbin said.

There have been a few high-profile cases so far, he said, mostly politically motivated, but not yet enough data to measure a trend.

"We didn't see it much in 2012, started seeing a little bit of it in 2013 and 2014, and seeing it more of it now," he said.

He recommended that companies switch on two-factor authentication for their email systems when available, ensure that employees don't reuse credentials, ask their domain registrars to put a lock on their domains, and, finally, keep a close eye on traffic numbers to spot a drop-off as soon as it happens.

With these domain redirects, the attackers are not only able to shut down the legitimate website, but also put up their own content under that website's brand.

 

Previous Page  1  2 

Sign up for CIO Asia eNewsletters.