Oracle today announced the launch of the Internet Intelligence Map website; a source available for free that provides country-level connectivity statistics based on traceroutes, BGP, and DNS query volumes on a single dashboard. more
Over the past few years, cyberattacks and internet harassment have escalated against abortion clinics intended to disrupt services, intimidate providers and patients. more
Denmark experienced its largest-ever cyberattack in May, targeting the nation's critical infrastructure. SektorCERT, the Danish cybersecurity authority, reported breaches in 22 companies within days. Many resorted to 'island mode,' isolating themselves from the internet to contain the threat. more
U.S. Department of Homeland Security (DHS) and the FBI today released a technical alert based joint-effort analysis of methods behind North Korea’s cyberattacks. more
This is an update of my previous post on the subject. To be honest here, no one truly knows what's going on in Georgia's Internet except for what can be glimpsed from outside, and what has been written by the Georgians on their blog (outside their country). They are probably a bit busy avoiding kinetic bombing... more
'It could've been worse' is a fascinating expression. It implies that the incident in question obviously could have been worse than expected, however it also implies that it could have been better, ultimately leading to the conclusion that it was at least somewhat bad. So both fortunately and unfortunately for three Greek banks, the ransom DDoS attacks levied against them by hacker group the Armada Collective could have been worse. more
Clarivate has once again surveyed global business leaders about the importance of domain names to their organizations, including the role of domains as intellectual property (IP) assets. The 2020 survey followed up on our 2019 survey, revealing key year-over-year trends in how organizations manage, secure and budget for domain names. In this blog, we review key trends from the new report. more
With my post earlier this month about the possibility of SIP botnets [also featured here on CircleID], I've had a number of people asking about more information and wondering about the possible impacts. And while I will write more on botnets in general, as far as the potential impact of "botnets" in general, one need only look over at the current situation in Estonia... Now, perhaps Russia is behind the attack... perhaps not. There are obviously much larger political issues going on between the two states. more
NTIA issued a Request for Comments today asking for broad input from "all interested stakeholders, including private industry, academia, civil society, and other security experts," on actions against botnets and distributed attacks. more
Yesterday's DDoS attack against DNSimple brought to light a longstanding need for DNS nameserver operators to have an ability to unilaterally repudiate domains from their nameservers. The domains under attack started off on DNSMadeEasy, migrated off to DNSimple and took up residence there for about 12 hours, causing a lot of grief to DNSimple and their downstream customers. more
Eugene Kaspersky, CEO and co-founder of Internet security giant Kaspersky Lab said last week that "terrorists could build a botnet that could bring down the entire Internet structure". Mr. Kaspersky ended his speech with the statement that "a global cyber police force, and global cooperation between law enforcement agencies and governments is needed". This goes very much in accordance with some of the conclusions in the Cyberspace Policy Review more
It seems like the online Russian population is getting mobilized. Like a meme spreading on the blogosphere, the mob is forming and starting to "riot", attacking Georgia. This seems very similar to the Estonian incident, only my current guess is natural evolution rather than grass-roots implanted -- but I am getting more and more convinced of the similarities as more information becomes available. Determining exactly when the use of scripts by regular users started, is key to this determination. more
This post isn't about -- or isn't only about -- the use of computer technology to commit crimes. It's more about the use of computer technology to commit war. A few weeks ago, I was part of a conversation about the legal issues cyberwarfare raises. We were talking about various scenarios -- e.g., a hostile nation-state uses cyberspace to attack the U.S. infrastructure by crippling or shutting down a power grid, air traffic control systems, financial system, etc. Mostly, we were focusing on issues that went to the laws of war, such as how and when a nation-state that is the target of a cyberattack can determine the attack is war, rather than cybercrime or cyberterrorism. more
According to Kaspersky Lab, 2011 has seen "numerous DDoS attacks with a variety of motives," many of which will "go down in the annals of cybercrime." As we look ahead to 2012, it's worth examining some of those motives to see what they portend. more
The essence of information privacy is control over disclosure. Whoever is responsible for the information is supposed to be able to decide who sees it. If a society values privacy, it needs to ensure that there are reasonable protections possible against disclosure to those not authorized by the information's owner. In the online world, an essential technical component for this assurance is encryption. If the encryption that is deployed permits disclosure to those who were not authorized by the information's owner, there should be serious concern about the degree of privacy that is meaningfully possible. more
A World-Renowned Source for Internet Developments. Serving Since 2002.