There is no escaping it. COVID-19 is dominating headlines and has impacted virtually every corner of the world. Like most people at this point, Im 30 days into isolation and trying everything in my power to ignore the elephant in the room and the politics that go along with it.
Unfortunately, or fortunately, cyber security is an essential business. As a result, those working in the field are not getting to experience any downtime during a quarantine. Many of us have been working around the clock, fighting off waves of attacks and helping other essential businesses adjust to a remote work force as the global environments change.
Along the way we have learned a few things about how a modern society deals with a pandemic. Obviously, a global Shelter-in-Place resulted in an unanticipated surge in traffic. As lockdowns began in China and worked their way west, we began to see massive spikes in streaming and gaming services. These unanticipated surges in traffic required digital content providers to throttle or downgrade streaming services across Europe, to prevent networks from overloading.
The COVID-19 pandemic also highlights the importance of service availability during a global crisis. Due to the forced digitalization of the work force and a global Shelter-in-Place, the world became heavily dependent on a number of digital services during isolation. Degradation or an outage impacting these services during the pandemic could quickly spark speculation and/or panic.
[You may also like: COVID-19: The Rise of the Telecommuter & the Impacts on Businesses]
For example, as COVID-19 began to take a toll on Australias economy, there became a rush of suddenly unemployed citizens needing to register for welfare services on MyGov, Australias government service portal. This natural spike in traffic ended up causing an outage on the morning of March 23rd, requiring Government Services Minister Stuart Roberts to walk back his initial claims that the portal had suffered from a DDoS attack, naturally causing panic and speculation among those desperately seeking government assistance.
In France, Assistance Publique Hpitaux de Paris, the university hospital trust managing 39 public hospitals in the area, found itself a victim of a DDoS attack on March 22nd, just as France begin to deal with a surge in COVID-19 related cases. The attack was reported to have only lasted an hour and did not cause any significant damage.
The problem was, upon further review, in order to deal with the attack, there was a reduction in internet access. Typically, during any other day, this reduction would not have had an impact, but due to the pandemic and a remote, non-essential work force, employees outside of the hospitals network were blocked from external access during this attack, resulting in the inability to access email, Skype or remote application.
[You may also like: Preserving Business Continuity During the Coronavirus Pandemic]
In addition to this attack, the Brno University Hospital in the Czech Republic was hit a week earlier with a cyber-attack that force the hospital to shut down their entire network, resulting in the cancellation of surgeries.
And if that wasnt enough, a food delivery service in Germany experienced a DDoS attack from an extortionist. Lieferando.de, also known as takeaway.com, is a takeaway food service that delivers from more than 15,000 restaurants in Germany. During this global pandemic, citizens of the world have become very dependent on take away food services as part of the effort to help flatten the curve. Unfortunately, an extortionist attempted to capitalize on this by launching a Ransom Denial of Service (RDoS) attack on Takeaway, demanding 2 BTC ($11,000) to stop the attack. As a result, some orders were able to be accepted but were never delivered, forcing Germans to find another option for the night.
It should come as no surprise that law enforcement agencies around the world are particularly interested in taking down those looking to profit from COVID-19. They are also interested in kicking down doors of those who are conducting DDoS attacks during the pandemic.
[You may also like: How to Protect Your VPN: Lessons From a DDoS Attack Test]
On April 10th, a 19-year-old from Breda, Netherlands, was arrested for conducting a DDoS attack on March 19th against MijnOverheid.nl and Overhied.nl. Both of these websites are government-related and were providing Dutch citizens with important government information related to the pandemic.
Its truly unfortunate to see teenagers in the middle of a pandemic targeting critical infrastructure, preventing access to emergency regulations and advisories, but what did we expected? A cease-fire? In order to prevent additional DDoS attacks, a week prior to the Breda arrest, Dutch police shut down 15 stresser services. While these services were not listed, I can tell you, the raid was largely unnoticeable. Part of the problem can be found between the words of Jeroen Niessen, Dutch Police:
With preventive actions, we want to protect people as much as possible against DDoS attacks.By taking booters and their domain names offline, we make it difficult for cyber criminals.We have now put quite a few on black.If they pop up elsewhere, we will immediately work on it again.Our goal is to seize more and more booters
If they pop up elsewhere, we will immediately work on itagain.
In my opinion, it sounds like the police finally understand that raids are a losing battle without total commitment. If theres one thing we learned from the 2019 raid of KV solution, a bulletproof hosting provider, it was that when one criminal falls, dozens are willing to replace them.
For example, in 2018 the Department of Justice took down 15 stresser services as part of an effort to prevent DDoS attacks. The domain seized are listed below:
[You may also like: Are Darknet Take-Downs Effective?]
The problem is, taking down a stresser service is pointless when there are so many criminals using public services and corporations to mask their identities. Until there is cooperation and commitment to removing the DDoS threat completely, it will always linger, rearing its nasty head in the worst moments. Due to the lack of commitment between the global law enforcement community and the security community, we are unable to see a meaningful impact in the DDoS landscape.
Its really not that difficult to find a stresser service today. In fact, you can find these criminals openly advertising their services on major search enginesno Tor browser or Darknet Market required. While search engines could simply de-index these services, they choose not to. Instead, they elect to profit from your misfortune. Below are a handful of sites found on popular search engine using the terms booter or stresser:
powerstresser.pro, freeboot.to, instant-stresser.to, meteor-security.to, layer7-security.to, stressthem.to, stress.to, stress.gg, booter.vip, bootstresser.com, bootyou.net, defconpro.net, str3ssed.co, ts3booter.net, vdos-s.co, webstresser.biz, hardstresser.com, havoc-security.pw, synstresser.to, dosninja.com, stresser.wtf, thunderstresser.me, ripstresser.rip, astrostress.com, botstress.to, dotn3t.org, nightmarestresser.to, silentstress.wtf, torstress.com, xyzbooter.net, databooter.to.
[You may also like: COVID-19 Shows the Importance of Protecting Availability]
After reviewing the list, Officer Jeroen Niessens statement becomes clearer. Whether or not these current websites are associated with the original criminal groups or cloned, multiple stressers with notorious names have been reappearing. In general, I think its fair to say that while raids are disrupting criminals, they have hardly put a dent in the overall activity or economy of the DDoS-as-a-Service industry. Takedowns only represent a temporary solution, and this has become clear during the pandemic.
Unfortunately, the threat landscape continues to evolve during a pandemic. Criminals are clearly not taking time off.Worst of all, not only is the public cloud fully in scope for cybercriminals looking to compromise enterprise equipment, but due to the ongoing pandemic and the remote digitalization of the work force, remote software and digital services have come under fire from opportunist criminals.
I think during this time of chaos and uncertainty we really need to reflect on our impact and ability to secure the digital workforce and ask ourselves, are we protecting criminals due to privacy concerns or is there more we could do to remove and eliminate the DDoS threat?
Download Now
Read more here:
DDoS in the Time of COVID-19: Attacks and Raids - Security Boulevard
- Tor - Official Site - April 26th, 2014 [April 26th, 2014]
- Tor Browser (M-S0FT) - Video - April 26th, 2014 [April 26th, 2014]
- Downloading torrents in utorrent using tor browser - Video - April 27th, 2014 [April 27th, 2014]
- Tor Browser installieren [Tutorial deutsch] - Video - May 1st, 2014 [May 1st, 2014]
- TOR BROWSER KURULUM+KULLANIM - Video - May 1st, 2014 [May 1st, 2014]
- tor browser descargar e instalar - Video - May 1st, 2014 [May 1st, 2014]
- Entering the Deep Web-Deep Web Url link (2014) - Video - May 6th, 2014 [May 6th, 2014]
- Red Onion Tor Browser for iPhone - Video - May 10th, 2014 [May 10th, 2014]
- working referral link to agora hidden market place -new url ( onion site ) - Video - May 12th, 2014 [May 12th, 2014]
- Tor Browser Free Download/Install|Free Latest Version|64/32 bit Windows|2014 - Video - May 18th, 2014 [May 18th, 2014]
- how to install TOR Browser On LINUX - Video - May 18th, 2014 [May 18th, 2014]
- Grams Darknet black market search engine demo - Video - May 18th, 2014 [May 18th, 2014]
- How to Install the New Tor Browser in Kali Linux - Video - May 18th, 2014 [May 18th, 2014]
- How to download and use Tor browser [4K] - Video - May 20th, 2014 [May 20th, 2014]
- Free App Lets the Next Snowden Send Big Files Securely and Anonymously - May 22nd, 2014 [May 22nd, 2014]
- How to get free 7 day trials for XBL works as of May 2014 - Video - May 23rd, 2014 [May 23rd, 2014]
- Free Access to Deep Web (HIdden Wikki)(Tor Browser)-free 2014 - Video - May 27th, 2014 [May 27th, 2014]
- Federal Cybersecurity Director Found Guilty on Child Porn Charges - August 31st, 2014 [August 31st, 2014]
- Cybersecurity official uses Tor but still gets caught with child porn - August 31st, 2014 [August 31st, 2014]
- Softonic - Tor Browser - Download - August 31st, 2014 [August 31st, 2014]
- What is the Tor Browser? - Tor Project: Anonymity Online - August 31st, 2014 [August 31st, 2014]
- Tor Browser - Problem Connecting? - August 31st, 2014 [August 31st, 2014]
- Review: Tor Browser Bundle lets you browse in anonymity ... - August 31st, 2014 [August 31st, 2014]
- Guide to using the Tor Browser Bundle for secure communication - Video - August 31st, 2014 [August 31st, 2014]
- Hack-Bypass Hotspot (Mikrotik) With Tor Browser - Video - September 3rd, 2014 [September 3rd, 2014]
- Using tor-browser on ubuntu 14.04 LTS - Video - September 7th, 2014 [September 7th, 2014]
- Download Tor Browser Bundle 3 6 5 For Win, Mac, Linux - Video - September 8th, 2014 [September 8th, 2014]
- Browse Anonymously, Browse Safely - The App Center - September 11th, 2014 [September 11th, 2014]
- Tor browser NOT SAFE without this quick step - Video - September 12th, 2014 [September 12th, 2014]
- Tor Browser for iOS - Free download and software reviews ... - September 14th, 2014 [September 14th, 2014]
- Comcast Denies It Will Cut Off Customers Who Use Tor, The Web Browser For Criminals (CMCSA) - September 15th, 2014 [September 15th, 2014]
- Comcast calls rumor that it disconnects Tor users wildly inaccurate - September 15th, 2014 [September 15th, 2014]
- Why a thinly sourced, unverified report about Comcast has the Web in an uproar - September 16th, 2014 [September 16th, 2014]
- Drier: Is Comcast really blocking anonymous Internet browser Tor? - September 19th, 2014 [September 19th, 2014]
- Guns, drugs and freedom: the great dark net debate - September 19th, 2014 [September 19th, 2014]
- Download and Install Tor Browser Bundle - Video - September 24th, 2014 [September 24th, 2014]
- install tor browser for kali linux 1.0.9 - Video - September 27th, 2014 [September 27th, 2014]
- TOR Browser: Safe to use 2014? - Yahoo Answers - September 28th, 2014 [September 28th, 2014]
- Alex Jones Interviews Creator of TOR Browser- Infowars September 2014 - Video - September 28th, 2014 [September 28th, 2014]
- Tor Executive Director Hints At Firefox Integration - September 30th, 2014 [September 30th, 2014]
- Dreaming of a Tor Button for Firefox - September 30th, 2014 [September 30th, 2014]
- Install tor browser on kali linux - Video - September 30th, 2014 [September 30th, 2014]
- How to install TOR browser bundle on sparkylinux 32bit - Video - September 30th, 2014 [September 30th, 2014]
- Firefox could be adding built-in Tor support for improved private browsing - October 2nd, 2014 [October 2nd, 2014]
- Tor Browser Bundle: Download & Start - Tutorial deutsch - Video - October 3rd, 2014 [October 3rd, 2014]
- With This Tiny Box, You Can Anonymize Everything You Do Online - October 13th, 2014 [October 13th, 2014]
- Tor Browser Cheat TankPit - Video - October 13th, 2014 [October 13th, 2014]
- Anonabox Promises Total Online Anonymity That's Easy, Open Source, and Cheap - October 14th, 2014 [October 14th, 2014]
- This tiny box anonymises all your online actions - October 14th, 2014 [October 14th, 2014]
- Anonabox promises a portable, streamlined way to use Tor to hide your online tracks - October 14th, 2014 [October 14th, 2014]
- Investors flock to tiny device that promises online anonymity - October 16th, 2014 [October 16th, 2014]
- How to run all your Internet's programs thru Tor Browser - Video - October 16th, 2014 [October 16th, 2014]
- Tails 1.2 : Released with Tor Browser 4.0 - Video - October 20th, 2014 [October 20th, 2014]
- Tor Browser 4.0 is released | The Tor Blog - October 25th, 2014 [October 25th, 2014]
- Access Blocked site using Tor Browser and chrome [2014] - Video - October 27th, 2014 [October 27th, 2014]
- Be Anonymous Online : TOR Browser - Video - October 27th, 2014 [October 27th, 2014]
- Menggunakan TOR Browser - Video - October 29th, 2014 [October 29th, 2014]
- Facebook Just Created a Custom Tor Link and That's Awesome - October 31st, 2014 [October 31st, 2014]
- How to Use Deep Web Using Tor Browser - Video - October 31st, 2014 [October 31st, 2014]
- Setup Tor Browser on Mac OS 10 - Video - October 31st, 2014 [October 31st, 2014]
- Facebook opens up to Tor users with new secure .onion address - November 1st, 2014 [November 1st, 2014]
- How to use the Tor browser and the Open PGP applet - Video - November 1st, 2014 [November 1st, 2014]
- Facebookcorewwwi.onion ( Preview ) - Video - November 2nd, 2014 [November 2nd, 2014]
- How to use Tor for Facebook (Windows, Mac & Linux) - November 4th, 2014 [November 4th, 2014]
- Tor Browser Bundle - Secure your Web surfing - [Free Download] - Video - November 5th, 2014 [November 5th, 2014]
- The Law Scores a Victory Against Dark Net Denizens - November 8th, 2014 [November 8th, 2014]
- Tor Browser New 4 - Video - November 8th, 2014 [November 8th, 2014]
- How to (Install- Enable) Flash Player on Tor Browser - Video - November 9th, 2014 [November 9th, 2014]
- Tor Browser New 2 - Video - November 9th, 2014 [November 9th, 2014]
- Tor Browser New 1 - Video - November 9th, 2014 [November 9th, 2014]
- Developer edition and privacy are Firefoxs 10th birthday present for the world - November 11th, 2014 [November 11th, 2014]
- Easily Install Tor Browser 4.0.1 via PPA in Linux Mint 17 - Video - November 11th, 2014 [November 11th, 2014]
- Better Tor-gether? Mozillla bids to bring anonymous browsing to the masses - November 12th, 2014 [November 12th, 2014]
- How to connect Tor Browser to Country-specific IP Address - Video - November 12th, 2014 [November 12th, 2014]
- A Computer Science Professor Found A Way To Identify Most 'Anonymous' Tor Users - November 19th, 2014 [November 19th, 2014]
- Tor Browser-in Yuklenmesi ve qurulmasi. - Video - November 26th, 2014 [November 26th, 2014]
- | | install tor browser on ubuntu 14 04 - Video - November 29th, 2014 [November 29th, 2014]
- Tor Browser 4.5-alpha-1 is released | The Tor Blog - November 29th, 2014 [November 29th, 2014]
- Como instalar o Tor Browser- Navegador da Deep Web/Annimo - Video - December 5th, 2014 [December 5th, 2014]
- [ExpertProf - THT]Tor Browser Kurulumu Ve Onion'a Girilmesi - Video - December 5th, 2014 [December 5th, 2014]