(WEB HOST INDUSTRY REVIEW) -- Last year's take down of notorious spam host McColo was arguably the defining moment in online justice for the year. Heartening for the online community and those fighting malware and the proliferation of spam, McColo's demise offered only a short reprieve from online threats.
This year, new threats took the place of many fading botnets such as Storm, and they are approaching their predecessors' ability to disrupt and scam. Cutwail, for instance, sends a wide variety of spam, including pharmaceuticals, replica watches, online casinos, phishing mule come-ons and malware.
Even though spam levels are down from this same time last year, spammers and bot herders will continue to plague the Internet until those responsible face prosecution for their crimes. For the time being, however, many more institutions are picking up the fight and are actively attempting to counter the botnet threat, in one way or another.
Federal Sites Taken Down In July 4 Attack
Two-hundred-and-thirty-three years after the US declared its Independence, the websites for several of its government agencies, including some that patrol cyber crime, were under the threat of a denial of service attack that made many of these sites slow or inaccessible for as many as three days after July 4, signifying an unusually lengthy and sophisticated DoS attack.
The Treasury Department, Secret Service, Federal Trade Commission and Transportation Department websites were down at various periods beginning on the holiday weekend, according to the Associated Press, which spoke to officials inside and outside the government, who also noted that some sites were still experiencing problems as recently as Tuesday evening.
The DoS attack, however, was not confined to government agencies, affecting other Washington DC sites such as The Washington Post (www.washingtonpost.com) and its Security Fix blog (voices.washingtonpost.com/securityfix). Security Fix blogger Brian Krebs said The Post had been under attack by roughly 60,000 compromised PCs from around the world, running malicious software that orders them to visit targeted websites over and over, rendering them unreachable to legitimate visitors.
SecureWorks (www.secureworks.com) malware research director Joe Stewart told Security Fix that the attack is hitting various sites in the US and South Korea simultaneously. The mysterious attack contained few clues of its origins, except for a cryptic line of text buried in the malware, which reads "get/china/dns."
Security and monitoring firm Keynote Systems (www.keynote.com) said the Transportation Department site was completely offline for two days. Internet technologies director Ben Rushlo told the Associated Press that the FTC site, which started to come back online late Sunday, July 5, was still inaccessible 70 percent of the time on Tuesday.
"This is very strange. You don't see this," he told the Associated Press. "Having something 100 percent down for a 24-hour-plus period is a pretty significant event... The fact that it lasted for so long and that it was so significant in its ability to bring the site down says something about the site's ability to fend off (an attack) or about the severity of the attack."
FTC Takes Down Web Host 3FN
In June, the US Federal Trade Commission (www.ftc.gov) took down web host 3FN for allegedly hosting, and actively participating in knowingly distributing, spam, phishing schemes, botnets, child pornography, and other harmful electronic content. The FTC alleges that more than 4,500 malicious software programs are controlled by command-and-control servers hosted by 3FN, which could be used to log keystrokes, steal passwords and data, provide hidden backdoor remote control activity, and send spam.
3FN, however, countered the FTC's claims, accusing the FTC of providing no prior warning to its shutdown, and unfairly targeting it because of its associations with the Ukraine, which has a reputation for hosting malware and online crime. Max Christopher, a spokesperson from Pricewert, the company that operates 3FN, told Network World that the company was unaware of the FTC's actions and it had made no communications until 3FN was offline, costing the company its reputation and many of its customers.
According to the Network World report, Christopher said Pricewert is being blamed for its customers' actions, and has, in the past, tried working with the authorities, including the FBI, to resolve problems brought to their attention.
In the end, it seems that 3FN was in fact hosting a great deal of spam using the Cutwail botnet. Spam researchers at Spamhaus.org said the shutdown of 3FN caused an immediate collapse in Cutwail spam.
They note, however, that 3FN's disappearance is like a drop in an ocean. "[A]s it was only one spambot of many, its collapse is not particularly apparent in total spamtrap flow," Spamhaus.org stated.
This incident, however, remains significant because it foreshadows a new era of strong-armed government involvement in the international policing of cyber crime - for better or worse.
Researchers Spot SSL Security Flaw
Researchers presenting at July's Black Hat security conference (www.blackhat.com) in Las Vegas said they had uncovered vulnerabilities in the issuing process for SSL certificates that could allow attackers to pose as any website.
IOActive researcher Dan Kaminsky and independent researcher Moxie Marlinspike presented identical findings in separate presentations. Working separately, both Kaminsky and Marlinspike demonstrated that an attacker can legitimately acquire an SSL certificate with a special character in the domain name, enabling them to fool nearly all browsers into thinking it is whatever site the attacker wants it to appear to be. For instance, they can request an SSL certificate for a subdomain of a site they own, such as Paypal.com\0.sslscam.com, using the null character, "\0". This tricks many browsers into thinking that this SSL certificate belongs to the actual PayPal.com website.
The major browsers had to react to these new findings. For instance, while Firefox version 3.5 is not vulnerable, Mozilla had to patch version 3.0.
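The truncation behind the null-character trick described above, sketched in C as an added example (not code from the researchers or from any browser): a name check that treats the certificate name as a C string, beside one that uses the decoded length and rejects embedded NULs. The cert_name type, the function names and the sample names are hypothetical and constructed for illustration.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* A certificate name as a decoder hands it over: bytes plus an explicit
   length, so it can carry an embedded NUL. (Hypothetical type.) */
struct cert_name { const char *data; size_t len; };

/* Case-insensitive comparison of exactly n bytes. */
static int ci_equal_n(const char *a, const char *b, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)a[i]) != tolower((unsigned char)b[i]))
            return 0;
    return 1;
}

/* Flawed: treats the name as a C string, so strlen() stops at the first
   NUL and everything after it is never examined. */
int match_c_string(const struct cert_name *cn, const char *host)
{
    size_t n = strlen(cn->data);
    return n == strlen(host) && ci_equal_n(cn->data, host, n);
}

/* Hardened: reject any name containing NUL, then compare the full length. */
int match_length_aware(const struct cert_name *cn, const char *host)
{
    if (memchr(cn->data, '\0', cn->len) != NULL)
        return 0;
    return cn->len == strlen(host) && ci_equal_n(cn->data, host, cn->len);
}

/* Constructed sample names; sizeof - 1 keeps the bytes after the NUL. */
static const char NUL_NAME[] = "paypal.com\0.sslscam.com";
static const char OK_NAME[]  = "PayPal.com";
const struct cert_name nul_cn = { NUL_NAME, sizeof(NUL_NAME) - 1 };
const struct cert_name ok_cn  = { OK_NAME,  sizeof(OK_NAME) - 1 };

int main(void)
{
    printf("c-string check, NUL name:     %d\n", match_c_string(&nul_cn, "paypal.com"));
    printf("length-aware check, NUL name: %d\n", match_length_aware(&nul_cn, "paypal.com"));
    printf("length-aware check, ok name:  %d\n", match_length_aware(&ok_cn, "paypal.com"));
    return 0;
}
```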
IBM To Buy Database Security Firm Guardium
In November, technology services provider IBM (www.ibm.com) said it would be buying database security start-up Guardium (www.guardium.com), which marks a big step towards IBM becoming a major player in the market for solutions that shield corporate applications from malicious users when it. worth around $225 million according to reports.
A subsidiary of Israel's Log-On Software (www.log-on.com), Guardium was founded in 2002, and has raised $21 million in venture capital from funds such as Ascent Venture Partners, Israel's StageOne Ventures and Veritas, and Cisco Systems. It moved to Boston in 2003, and has grown to have roughly 60 employees, who will each profit from the sale.
This deal promises to bolster Guardium's solutions using IBM's backing, and in turn add new revenue streams for IBM. The synergies between the two companies could also eventually result in cloud-based database solutions fit for even the most demanding of enterprises.
Twitter Hacked and Defaced by "Iranian Cyber Army"
As tempers still raged surrounding this year's hotly disputed presidential election results in Iran, popular social networking site Twitter was hacked in December by a group calling itself the "Iranian Cyber Army." Twitter emerged in June as a yet unfiltered source for news and opinions on the election, over which incumbent president Mahmoud Ahmadinejad claimed victory despite protests that the election was rigged.
The Iranian Cyber Army apparently decommissioned Twitter for a period of nearly an hour by redirecting its DNS to a compromised free account reportedly hosted with traffic management service DYN (www.dyn.com). The Iranian Cyber Army appears to be a radical Shiite group.
This act of "cyber terrorism," while certainly not the first, illustrates how the motivations behind spam and malware are not only monetary, but also political. As world conflicts heat up on land, they create unrest online as well. This will be something to watch for in 2010.