The technology industry is a fickle area. As everyone knows, technology is constantly changing, hardware and software is obsolete in 6 months or less. For the hosting industry, this makes it very difficult to stay current with trends, and the newest advancements. However, there are several tactics one can use, to stay up-to-date, and for businesses to stay current.
In a multi-user Xenserver environment that’s using an LVM over iSCSI storage repository, it’s possible for one Virtual Machine to monopolize disk resources with a very large amount of IO requests. This is due to the default IO scheduler that Xenserver uses with iSCSI LUNs, NOOP. The NOOP scheduler is very simple and performs no reordering of requests. It’s used with iSCSI LUNs because the host assumes that the backing storage device serving the iSCSI target is able to more intelligently schedule incoming requests. This is good from an over-all performance aspect when everything is running smoothly, but not from a quality of service aspect once the the backing storage device is saturated. At this point one user with a high amount of IO requests can degrade disk performance for others users with virtual disks on that same LUN, and we’ll want to track it down.
By John E. Dunn
A growing number of the DDoS attacks that hit UK organisations in 2013 were probably diversions designed to distract defenders from attempted data breaches or frauds, a survey and analysis by mitigation firm Neustar has suggested.
Almost one in three of the 331 UK firms surveyed reported they had been victims of DDoS attacks during the period, up from about one in five the year before, with attacks getting longer, somewhat larger and more persistent.
The overwhelming majority of attacks lasted from a few hours to two days in duration, with very long-lived attacks of a week or more falling from 22 percent in 2012 to 9 percent in 2013.
Reflecting greater investment in defence, attacks have grown in size with 60 percent now anything from 1Gbps to 20Gbps or larger. As has been well documented, extremely large attacks of 100Gbps or higher are a new trend although at that size the nuisance value is quickly passed to service providers rather than enterprises.
Whenever we hear that one security loophole has been closed, another instantly materializes, and usually in a sneakier and more deceptive fashion. An emerging trend in DDoS attacks has pointed to a clever old trick being applied in a new fashion – spoofing. By spoofing traffic to resemble a Google crawler, something totally innocuous, hackers are bypassing virtually every safeguard employed by even the most seasoned IT professionals. When multiple crawlers all converge on a site, it creates a DDoS attack.
By Antone Gonsalves
The easy access Google’s Web crawlers have to sites is increasingly being exploited by cyber criminals in launching distributed denial-of-service attacks, a security vendor says.
Fake Web crawlers accounted for 4 percent of the total number of legitimate ones, called Googlebots, analyzed by Incapsula.
In investigating more than 50 million fake Googlebot sessions, Incapsula found about 34 percent were clearly malicious, with roughly 24 percent of those used in DDoS attacks against a website’s application layer.
A Googlebot is the search software Google uses to collect documents from the Web in order to build its searchable index. Googlebot requests to Web servers are identifiable through a user-agent, which is the online equivalent of an ID card.
Cyber criminals are creating imposter user-agents to trick Web servers, Incapsula said. While careful inspection would reveal the fakes, website administrators tend to be lax when it comes to Googlebots in order to get the highest possible rankings on the search engine’s results.
“Most website operators know that to block Googlebot is to disappear from Google,” Igal Zeifman, product evangelist for Incapsula, said in the company’s blog. “Consequently, to preserve their SEO (search engine optimization) rankings, these website owners will go out of their way to ensure unhindered Googlebot access to their site, at all times.
“In practical terms, this may translate into exceptions to security rules and lenient rate limiting practices.”
Incapsula has rated fake Googlebots the third most commonly used technology in DDoS attacks. The U.S. is the top source, followed by China and Turkey, respectively.
Identifying and blocking malicious Web crawlers involves using tools that can separate the fake and legitimate ones through their point of origin.
However, such technology carries an additional cost, due to the need for more processing power and software capabilities.
The findings were based on an analysis of 400 million search engine visits to 10,000 sites, which resulted in 2.2 billion page crawls over a 30-day period.
When clients look to outside companies to secure and back up their data, they come in with the expectation that the company practices what they preach. Unfortunately, marketing hype is not always the same as the actual service. In this case, the company was proudly marketing their “redundancy” and “multiple backups to off-site locations,” but the reality is that none of these services were in place to prevent one hacker from completely tearing down the system.
By only gaining access to the company’s Amazon EC2 account, whole swaths of data – including customer information and backups – were removed permanently. Now, with no credibility remaining and payouts to angry customers looming, there’s nothing left to do but shut down operations. If you were working with a company who specializes in security, and their security is lax, how angry would you be?
By Lucian Constantin
A code-hosting and project management services provider was forced to shut down operations indefinitely after a hacker broke into its cloud infrastructure and deleted customer data, including most of the company’s backups.
The customers of CodeSpaces.com, run by a company based in Wayne, New Jersey, called AbleBots, were informed Wednesday that their data might have been permanently lost following the compromise of the company’s account on Amazon’s Elastic Compute Cloud (EC2).
The devastating security breach happened over a span of 12 hours and initially started with a distributed denial-of-service attack followed by an attempt to extort money from the company.
The attacker also gained access to Cloud Spaces’ control panel on EC2 and deleted the company’s digital assets from Amazon’s infrastructure when the company tried to regain control of its account.
“We finally managed to get our panel access back but not before he had removed all EBS [Amazon Elastic Block Store] snapshots, S3 [Amazon Simple Storage Service] buckets, all AMI’s [Amazon Machine Images], some EBS instances and several machine instances,” Cloud Spaces said in an announcement on its website. “In summary, most of our data, backups, machine configurations and offsite backups were either partially or completely deleted.”
According to a cached version of the Cloud Spaces site, the company said that “more than 200 companies a week” used the service.
GigeNET recently received recognition in the July 2014 issue of CIOReview’s CIONetworking 2014 Most Promising Network Companies. Read the article below, or check out page 18 in the online version of the magazine.
The Internet has provided businesses across the world with a tool in which they can reach unprecedented growth and a broad audience they could never have reached 20 years ago. Since most companies now store and access their data and information via the internet, it has become subject to insecurity, scrutiny, and concern. Organizations today have become increasingly aware of threats initiated from the internet such as Distributed Denial of Service (DDoS) attacks that can deter the online services they offer. Additionally, several other web vulnerabilities have surfaced, becoming a point of contention for business leaders, including large scale infiltrations, personal privacy, and security.
Founded in 1997, Ameen Pishdadi started with a mission to deliver the whole range of hosting products that any consumer would require to offload their IT needs. Now specializing in preventing DDoS attacks, GigeNET uses its tools, support, and expertise and ensures the businesses remain online at all times. In addition, GigeNET provides dedicated and cloud hosting, hybrid computing, and co-location solutions. The company also offers superior network performance, 100 percent uptime guaranteed and EPIC support from their datacenters across the country. “We have been around since the first hosting companies have existed. We own and operate our own datacenter and network/fiber infrastructure, developing our own portal and automation software for our cloud services, and DDOS Security Services. We have a high performing and reliable network infrastructure that has not experienced a network wide outage in over six years,” says Ameen.
Offering Whole Range of Hosting Needs GigeNET, headquartered in Arlington Heights, IL, offers two unique DDoS protection services. The latest, Automated DDoS protection, "scrubs" incoming traffic, only passing legitimate requests to client’s servers. DDoS Proxyshield®,ideally suited for SMB’s, is the industry’s leading DDoS mitigation system and virtually wipes out even the largest attacks. For small and startup companies, GigeNET provides its services to fulfill their need of high performance servers on limited budgets. For clients looking for more robust solutions, GigeNET’s engineers can build complex hybrid solutions using combinations of all their products to meet client requirements. The company runs distinctive and lucrative partner programs, appealing to individuals, re-sellers, and commercial developers, including Affiliate, Re-seller, and Channel Partner Programs. GigeNET deliversa full cloud infrastructure backed by their support team who are available 24 hours a day, 7 days a week. Its services include Hybrid Solution integration, their TurboIO storage platform, account Snapshots, API Integration, flexible billing options,and IPv6 support. Looking forward, the company is planning to open new locations, pioneer innovative technologies, and developing new products for current and future clients.
By: Quentin Jenkins
The Spamhaus Project again offers congratulations and thanks to the law enforcement community in the matter of the massive Distributed Denial of Service (DDoS) attack perpetrated against our systems in March 2013 by a Russian-based anti-Spamhaus group calling themselves ‘Stophaus’, consisting of several individuals with grievances against Spamhaus for naming and blocklisting their cybercrime hosting enterprises, spam and botnet operations. This time we offer our congratulations and thanks to the UK’s National Cyber Crime Unit (NCCU), the cybercrime arm of the National Crime Agency (NCA). In a statement released on 27 Jun 2014, the NCA announced:
“A 17 year old male from London has today been charged with computer misuse, fraud and money laundering offences following a National Crime Agency investigation. He was arrested in April 2013 after a series of distributed denial of service (DDoS) attacks which led to worldwide disuption of internet exchanges and services. On his arrest officers seized a number of electronic devices.”
This was the first formal announcement of the arrest. The actual arrest occurred in 2013, shortly after the arrest of a Dutch national living in Spain. That individual has been charged by the Dutch Public Prosecution Service for leading and orchestrating the DDoS attack. That criminal case is proceeding to trial through the Dutch legal system.
At the time, the record-breaking attacks were initially directed at Spamhaus infrastructure such as websites, mailservers and nameservers. Then, over the course of the following two weeks, the attacks escalated to targeting Spamhaus’ supporting networks and services including various Internet exchanges. While the DDoS caused disruptions to our website, our hosts and DNS partners, the worldwide distribution of the Spamhaus anti-spam data that now protects over 2.2 billion mailboxes was never interrupted.
With two of the attackers now charged and awaiting trial, Spamhaus has hopes that the other conspirators, consisting of two United States nationals, two Russians and a Chinese national will also soon be charged. Several more spammers and cybercrime-involved server hosting company owners were peripherally involved and at this time most have been identified by both Spamhaus and law enforcement.
Carrying over from one of our previous posts, we get another look at just how easy it is to DDoS attack websites. Spamhaus, the online resource for spam was targeted in 2013 by an (at the time) 16 year old, and was briefly taken down by DDoS attacks. Quickly after, the perpetrator was arrested and charged. Looking forward, should we all be concerned at the potential threat of our sites being shuttered?
By: Adam Greenberg
A 17-year-old male from London was charged on Friday with computer misuse, fraud and money laundering offenses, according to a statement released by the National Crime Agency (NCA).
The NCA made the decision not to identify the teenager because he is a minor, but he was apprehended last year for his role in distributed denial-of-service (DDoS) attacks that led to “worldwide disruption of internet exchanges and services,” according to the statement.
Notably, the teenager was charged for his role in the March 19, 2013 DDoS attacks aimed at Spamhaus, a Dutch anti-spam group and international nonprofit, according to The Register.
In April 2013, the then 16-year-old attacker was taken into custody secretly by the National Cyber Crime Unit, but reports on the arrest did not start coming out until September 2013.
This article was originally published on SCMagazine.com.
Although most signs point to adoption of the cloud either stagnating or declining, it seems that cloud has taken a different path, establishing itself as an invaluable IT solution. Companies on the forefront of the cloud revolution are according to an IBM study, more likely to benefit from the decision then sticking with traditional computing methods. Cloud services are invaluable to our business at GigeNET, and make up a good portion of our computing and solutions. Have you adopted the cloud yet?
By: Joe McKendrick
In a recent post, Bernard Golden, one of the most respected thought leaders in the cloud space, asked the question: “Has cloud computing been a failed revolution?” He conveys the observation that Google search traffic for the term “cloud computing” peaked in 2011 and has trailed off since then.
It’s also notable that much of the excitement seen in the trade press and by analysts has shifted to the “Internet of Things” and “digital enterprise.”
Just because there’s less of a spotlight on it doesn’t mean that cloud has diminished in strength and appeal. If anything, it is becoming a necessity for organizations, just as phones and electricity are necessities. Bernard notes that “I certainly don’t think that cloud computing adoption is finished. Far from it. In fact, I’d say most IT organizations have barely started working with cloud computing, much less completed their journey.”
But IT is but one small piece of the cloud story. A much bigger story is coming from the business itself. The curtain is now opening on cloud computing’s second act, which is all business. But this is also the hard part.
By: Matthew Wall
UK county councils could be “wasting millions” on IT services they could buy more cheaply through the government’s central digital marketplace, research suggests.
In the 2012-13 financial year, county councils spent nearly £440m in total on IT services, including staffing costs, but just £385,000 of that through the government’s “G-Cloud” framework.
The G-Cloud initiative, launched in 2012, aims to shave £120m a year off the public sector IT bill by encouraging all public sector bodies to buy IT products and services through the government’s CloudStore digital marketplace.
Cloud services are “quicker, cheaper and more competitive”, according to Cabinet Office Minister Francis Maude, with some tech companies estimating that they can be 25% to 60% cheaper than traditional long-term IT contracts.
Despite this, G-Cloud is largely being ignored by county councils,
For example, Kent County Council, the biggest IT spender, committed £38.5m to IT services in 2012-13, but just £94,750 of that went through G-Cloud.
Similarly, Hampshire County Council spent £38m, but nothing through G-Cloud.