NSA Director nominee wants every branch of the military to have a dedicated cyber attack force

It seems like President Obama was pretty serious about that cyber attack list he drew up last year -- his nominee candidate for NSA Director, Admiral Michael Rogers, just told the Senate that the military is building several new cyber combat units. Rogers, who is slated to both take over at the NSA and head the United States Cyber Command, spent several hours answering to the Senate Armed Services Committee this week, explaining his views on national security and his desire to be "as transparent as possible with the broader nation about what we're doing, and why." This included a detailed account of the need to create dedicated cyber attack divisions to supplement traditional ground, naval and air forces, which he says will help act as a deterrent to countries that see the United States as an easy target. "Clearly, Cyber will be an element of almost any crisis we're going to see in the future," he told the Senate. "It increasingly is becoming a norm."
0 Comments Share

Source: New York Times

Tags: cyberattack, cyberwar, military, nsa, senate Next: Starbucks app to let you pre-order your coffee later this year .fyre .fyre-comment-divider

View the Original article

Meetup’s Multi-Day Outage Was Due To A Newer, More Powerful Type Of DDoS Attack

A bit of follow-up on Meetup’s DDoS (denial of service) attack which saw the company’s website and accompanying mobile services down for several days: according to the company, this was an example of the increasingly common NTP-based DDoS attack. Explains CloudFlare CEO Matthew Prince, who stepped in to help Meetup get back online, NTP-style attacks are a newer choice among criminals when it comes to producing the DDoS flood that can crash websites, and they’re far more powerful, too.

In a nutshell, DDoS attacks attempt to crash servers, usually web servers, by sending a barrage of traffic to overwhelm the receiving ports. The servers crash under the load, taking websites and services down with them. In the past, such as with the high-profile Spamhaus DDoS attacks last year, the previous favorite vector for criminals instigating these attacks was DNS – that is, they would amplify their attacks using the DNS infrastructure.

But now, attackers are beginning to exploit flaws in other, older Internet protocols that were not originally secured particularly well. In Meetup’s case, the attackers use the NTP – or Network Time Protocol – which is a protocol that’s use to sync time clocks between multiple servers.

“The size of the attack was large enough that just about any organization, short of Google or someone with a network like CloudFlare, would have struggled to stay online,” explains Prince. “

View the Original article

Yahoo users exposed to malware attack

Users clicking on some ads are redirected to sites armed with code that exploits vulnerabilities in Java and installs a variety of different malware.

View the Original article