Tag: ddos attack

  • Are cyber attacks still being conducted the same way in 2025? Top 8 cyber attack methods explained

    New year, new threats? Hackers have not slowed down their efforts year over year. In 2024 the average cost of a data breach rose to 9.36 million US dollars. Of course, this takes into account the massive breaches that occurred last year, with one attack costing the targeted company $500 million.

    Still, even for smaller businesses the average cost is usually somewhere between $120,000 and $150,000 – no small sum. Year over year, though, the types of attacks haven’t changed, even if they’ve become more effective in scale. These top 8 attack methods remain the same (with the first one leading in effectiveness by a landslide):

    1. Phishing: Phishing remains the top attack vector in 2024, with 90% of attacks still starting with a phishing email. Our advice on how to spot a phishing email has also stayed the same.
    2. Ransomware comes in second and is preceded by a phishing email 40% of the time. In 2024 the largest single ransomware payment of all time was made to the “Dark Angels” ransomware group to the sum of $75 million.
    3. Denial-of-Service (DoS) attacks are not a new player to the game, but they are part of an overall strategy we’ve seen by attackers to weaponize operational technologies to cripple businesses – either for a payout or just to send a message.
    4. Man-in-the-middle attacks involve intercepting private conversations or data passing between parties. A good example is an attacker setting up a fake Wi-Fi connection or intercepting unencrypted HTTP connections to gain user login information for a website.
    5. SQL Injection attacks are difficult for consumers to guard against, as they’re conducted on the backend of a business’s website or database and involve “injecting” malicious code. If you’re a business owner, it’s crucial to work with competent developers when creating consumer-facing websites (especially if you’re collecting sensitive data through them).
    6. Cross-Site Scripting attacks are again difficult to guard against. These attacks are also extremely inconspicuous, as the attacker in effect sets up a honey pot on the victim’s server or website and waits for it to collect data from the site’s users. Again, it’s crucial to work with a competent developer and IT provider when protecting your data both internally and from being externally exploited.
    7. DNS Spoofing involves redirecting users from the site they were intending to visit to an unknown site where their data can be collected (usually login information for the site they intended to navigate to). One trick for telling if the page you’re on is secure is to look for the little lock symbol in your navigation bar; this is a sign the page you’re on is using a secure connection.
    8. Zero Day Exploits are the most difficult to protect against as they are attacks that are literally exploited the same day they’re discovered. Hackers are constantly looking for new ways to access your systems, and even if you’re a small business you’re never too small to be of use to them (even if it means leapfrogging past you to exploit your customers).

    There is never a better time than the start of the year to evaluate your technology systems for improvements. At Valley Techlogic we can provide you with a comprehensive report on our recommendations for your business as well as a tailored plan to bring your business up to date in 2025. Schedule a consultation today.

    This article was powered by Valley Techlogic, leading provider of trouble free IT services for businesses in California including Merced, Fresno, Stockton & More. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on X at https://x.com/valleytechlogic and LinkedIn at https://www.linkedin.com/company/valley-techlogic-inc/.

  • Toothbrush or threat vector? Turns out it was both for 3 million smart toothbrushes utilized in a recent DDoS attack

    When it comes to cyber attacks, it seems like anything can be utilized (see the Amazon Fire Stick used in the recent attack on Rockstar Games), but even our toothbrushes?

    It’s true. While details are still coming out, it’s been reported that 3 million malware-infected toothbrushes were used to bring down a Swiss company’s website at the cost of millions of Euros.

    No details have emerged yet on either the brand of toothbrush or the specific company that was targeted, but we know the toothbrushes were running on Java, which is a popular operating system for IoT (Internet of Things) devices.

    It highlights the point that any device connected to the internet can be used for malicious intent. We’ve all probably heard about threat actors utilizing home security cameras or baby monitors to gain unwanted access to our homes or to just be creeps. Or how about the study on smart fridges that found they were collecting a lot of your data without your knowledge?

    With so many of us having smart devices scattered throughout our homes it’s long overdue that we think about what security needs to be in place to prevent these devices from being a danger to us or others. That includes both the obvious devices like our computers and the less obvious devices like our internet connected home gadgets.

    In a recent study, the SANS Internet Storm Center tested how long it would take for an unprotected, unpatched PC to become infected with malware when exposed to the internet. Their calculations came back that it would only take 20 minutes on average for that PC to be infected; this is down from 40 minutes back in 2003.

    Even if you consider yourself tech savvy and “careful”, attackers are relentless when it comes to looking for the latest exploits and staying ahead of the curve. It’s the unfortunate truth that they can put more time into their nefarious activities than you as a business owner can dedicate to outsmarting them.

    For them it’s a numbers game and the more nets they cast and the more avenues they look for to gain access the more likely they are to be successful, and even items such as a toothbrush are not safe.

    That is, unless you follow these steps when securing your network and IoT devices.

    On top of these simple steps to secure your network and maintain your devices, you can also work with a provider like Valley Techlogic.

    We utilize best in class tools that prevent cyber attacks from occurring in the first place. Our partners have the resources to stay on top of and mitigate threats (even zero-day attacks) and with ongoing maintenance included in our service plans we can prevent your devices from becoming a threat vector to you or to another business.

    Schedule a meeting with us today to learn more.

    This article was powered by Valley Techlogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

  • Google blocked the largest DDoS attack ever, peaking at 46 million requests per second

    While it’s just now being reported on, the DDoS attack on Google Cloud occurred on June 1st and lasted for 69 minutes – reaching a peak of 46 million requests per second.

    Source: Google Cloud

    We’ve covered Distributed Denial of Service (DDoS) attacks before in this blog, but the scale of this one is mind-boggling. It’s nearly twice the size of the Cloudflare DDoS attack from last year around this same time, which peaked at 26 million requests per second (sent from just over 5000 devices).

    If you’re wondering where the devices used in these attacks originate from, the answer in this case is unsecured devices, specifically compromised Mikrotik routers.

    There have been a number of articles regarding possible compromises to the Mikrotik brand of router, including one instance that involved over 200,000 devices. Many in the security space wondered if there would be a fallout from that, and now we have our answer.

    However, what’s more impressive is not the scale of this attack, but the fact that it was successfully blocked by Google.

    Botnet attacks of this nature are not rare. It’s difficult to say exactly how many attacks occur per day, but it has been noted they’re on the rise since the Russian invasion of Ukraine. A botnet is essentially an assembly of compromised devices that are used to attack a target. DDoS attacks are one of the most common uses, but botnets are also used for phishing, cryptomining, or to brute-force passwords, just to name a few. The largest botnet ever recorded belonged to Russian BredoLab and consisted of 30,000,000 devices.

    Would-be bad actors can even purchase DDoS as a service for as little as $5 per hour, which should give you an indication of how prevalent and common they are as an attack vector.

    Google blocked this attack by leveraging their Cloud Armor product, a network security service directly aimed at preventing DDoS attacks. If they were looking for a powerful case study for the effectiveness of this product, we can think of no better example than effectively blocking the largest DDoS attack in history (so far).

    Part of blocking a DDoS attack is early detection. DDoS attacks ramp up; if you can detect an incoming influx of peculiar traffic to your network, you can block the attack before it’s able to scale up and cripple your network.
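
    The early-detection idea above can be sketched in a few lines of Python. This is an added example, not part of the original article and not a description of how Cloud Armor works; the traffic is constructed, and the smoothing factor, threshold multiplier and warm-up period are assumed values chosen for illustration. It tracks a moving baseline of total requests per second and raises an alert once the rate stays well above that baseline for several seconds, even though no single client looks unusual.

```python
from collections import Counter


def constructed_traffic():
    """Constructed sample of (second, client_id) request events; not real logs."""
    events = []
    for sec in range(30):  # normal load: 10 clients, 2 requests/second each
        events += [(sec, f"user-{c}") for c in range(10) for _ in range(2)]
    for k in range(6):  # ramp: total request rate doubles every second
        sec, total = 30 + k, 20 * 2 ** (k + 1)
        # Many distinct sources, each still sending only 2 requests/second,
        # so a per-client rate limit alone never trips.
        events += [(sec, f"bot-{b}") for b in range(total // 2) for _ in range(2)]
    return events


def per_second_totals(events):
    """Aggregate request count for every second from 0 to the last one seen."""
    counts = Counter(sec for sec, _ in events)
    return [counts.get(s, 0) for s in range(max(counts) + 1)]


def max_per_client_rate(events):
    """Highest number of requests any single client sent within one second."""
    return max(Counter(events).values())


def detect_ramp(rates, alpha=0.2, factor=3.0, sustain=3, warmup=10):
    """Return the index of the first second at which the rate has exceeded
    factor x the moving-average baseline for `sustain` consecutive seconds,
    or None if that never happens. All thresholds are assumed values."""
    baseline = None
    streak = 0
    for i, rate in enumerate(rates):
        if baseline is None:
            baseline = float(rate)
            continue
        if i >= warmup and rate > factor * max(baseline, 1.0):
            streak += 1
            if streak >= sustain:
                return i
            continue  # keep suspicious samples out of the baseline
        streak = 0
        baseline = alpha * rate + (1 - alpha) * baseline
    return None


if __name__ == "__main__":
    events = constructed_traffic()
    rates = per_second_totals(events)
    alert = detect_ramp(rates)
    print("max requests/second from one client:", max_per_client_rate(events))
    print("alert at second", alert, "with rate", rates[alert], "peak", max(rates))
```

    Excluding over-threshold samples from the baseline matters: otherwise a slow ramp would drag the baseline up with it and never trigger the alert.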

    Besides blocking potential attacks, the other side of the coin is not becoming an unwilling participant in a botnet through a compromised device in your home or business.

    The sinister part of it is you may not even be aware your device is compromised, and it’s not just mobile devices and personal computers that can be affected; even IoT (Internet of Things) devices can be hacked. There are a few things you can do to prevent your devices from being taken over by hackers as we outline in the chart below:

    If your business needs assistance with protecting from any potential attacks or making sure your devices stay uncompromised, Valley Techlogic can help. All of our plans include robust cybersecurity protections at no additional charge, including assisting in your cyber security training goals (after all, human error is the #1 cause of data breaches). Schedule a consultation today to learn more.

  • How the war in the Ukraine is being fought on the digital front

    We’ve all been exposed to the ongoing crisis occurring in the Ukraine as Russian forces have made their way into the country and are heavily attacking major Ukrainian cities as they attempt to gain control of the capital city of Kyiv, causing nearly a million Ukrainian citizens to seek shelter in neighboring countries as of the time of writing.

    The Ukrainian forces have been inspiring the world as they defend their country from this unprovoked invasion, and that defense is also occurring on the cyber front. We’ve reported ourselves from time to time on Russian hacking gangs and their effects on the US. The Ukraine is not only defending their digital infrastructure during this war, but they are also responding offensively with what’s being dubbed the “IT Army”.

    These volunteers to the Ukrainian government are conducting attacks on Russian-led websites – some of which are currently serving propaganda on what’s really happening in the Ukraine to Russian citizens – and bringing those websites down. These also include sites belonging directly to the Kremlin, the Russian Ministry of Defense and more.

    DDoS attacks are also occurring on Russian targets, being conducted by the hacker group Anonymous. They’ve made claims they’ve succeeded in taking down 1,500 Russian-led websites and dumping more than 40,000 private Russian files on the Dark Web, including ones that came from the country’s Nuclear Safety Institute.

    SpaceX has also jumped into the fray, responding to pleas from the Ukrainian government to add Starlink as an option to keep necessary internet services online in case of a Russian disruption to the service. SpaceX quickly delivered 48 Starlink satellites with more on the way.

    Also, in a move that’s literally slowing things down inside of Russia, it was discovered that a Russian-led company had outsourced the main component of their EV charging stations along a major motorway between Moscow and St. Petersburg. The Ukrainian company that built the components used a backdoor to hack the machines, shutting them down and displaying anti-Putin messaging on the screen.

    The Ukraine’s IT Army is also requesting assistance through the use of a Telegram channel belonging to the group, which as of time of writing has over 275,000 users. The IT Army is providing live updates on successful attacks on Russian-led targets as well as attempting to communicate with Russian citizens, as Russia leads a disinformation campaign that has tried unsuccessfully to stifle public outrage over this war.

    It’s unclear what the outcome of the ongoing conflict will be at this moment, but this is an unprecedented moment in time, marking the first time a war has had a significant public digital element involved. We’re all aware at this point of Russia’s hacking capabilities, but it will be interesting to see if their abilities are strictly offensive as they’re now on the receiving end of the attacks.

    We’ve created this timeline of notable Russian hacking gang linked cyber attacks that have occurred against the US and other countries in the last 15 years.

    Russian Hacking In The Last 15 Years

    We want to make a note that there has been some concern that this ongoing war between Russia and the Ukraine may lead to more cyber attacks on the US as the Russian economy has been significantly destabilized by sanctions enacted against Russia as a response to their attack on the Ukraine.

    We’re uncertain if this will end up being the case, but if you’re having cybersecurity concerns for your business or just need some peace of mind, we would be more than happy to provide a consultation. You can schedule one here.

  • Yesterday, Facebook experienced their worst outage since 2008

    Yesterday, if you were trying to log in to Facebook, Instagram, WhatsApp or even Oculus VR, you wouldn’t have had much luck. Facebook experienced their worst outage since 2008 (when a bug caused the site to be down for an entire day). They were down for just over 6 hours as a world that suddenly found themselves with more time on their hands speculated why.

    For a brief period, the domain Facebook.com was even for sale if you performed a search for the domain on a domain name search website.

    While many thought it could be an attack on their networks, such as what’s been happening in the VoIP sector lately, others speculated the outage was related to the fire Facebook has been under lately for their business practices.

    On Sunday, Facebook whistleblower Frances Haugen – a former Facebook project manager – went public on how Facebook’s policies prioritize profits over their users’ wellbeing. She was the person responsible for the massive data dump that showed Facebook’s algorithms even optimize for hate speech. She noted these problems also exist at Google and Pinterest, other companies she’s performed similar duties for, but that the problem is much worse at Facebook.

    There have been no shortage of memes taking shots at Facebook founder Mark Zuckerberg following the outage.

    Hearings begin this week analyzing the whistleblower findings, particularly as they relate to children on these sites. Amid the controversy Facebook has shelved plans for an Instagram Kids app, though Facebook claims the delay is so they can better analyze the needs of children and parents before moving forward with the app.

    The main crux of the case has to do with both the deluge of data and how major players such as Facebook (and likely beyond) serve that data to their users. It’s a tricky situation because you don’t want to stifle free speech but promoting hate speech and negative imagery, especially to vulnerable audiences such as children, is also wrong.

    There is so much more to the case than we can get to here, but suffice to say hearings such as these play an important role in how we as a society consume and regulate data.

    Back to the topic at hand though: after being down for 6 hours Facebook finally emerged, although they did so with little in the way of answers as to why their domains were down in the first place. They’ve issued an apology for the outage, but beyond that, silence.

    Experts who have weighed in speculate the issue had to do with Facebook’s DNS (Domain Name System), and anonymous comments that have surfaced from employees said they don’t think the downtime was caused by an attack.

    Some reports have even said during the outage functions inside Facebook offices ground to a halt, with some employees being unable to even use their keycards which could have also contributed to the lengthy delay in fixing the problem.

    Outages such as these should cause even smaller businesses to take a hard look at their technology practices. If Facebook, with the resources they have available, can be brought to a standstill for hours over potentially a small issue such as DNS, how would your business fare when faced with a similar issue?

    Downtime adds up, but it doesn’t have to. Having a partner in technology like Valley Techlogic is the number one way your business can avoid the hassle, expense, and embarrassment of lengthy downtime. Find out more today.

  • Massive DDoS Attacks Cripple VoIP Services

    If you use VoIP in your business, you may have been affected by service outages so far this week.

    That’s because Bandwidth.com, a major hosting provider for VoIP services such as Accent, RingCentral, Twilio and more, has been under assault by a major distributed denial of service (DDoS) attack. While they’re working tirelessly to reroute call streams, as of Tuesday outages were still occurring nationwide.

    Distributed Denial of Service (DDoS) attacks are not a new occurrence in the VoIP world; hackers regularly target VoIP services in an effort to gain a ransom to make the attacks stop. Canadian VoIP provider VoIP.ms has been under siege since last week by a DDoS attack being performed by the hacking group REvil.

    REvil, a Russian-linked ransomware gang, was also responsible for the attacks on Kaseya that made major news in July. They are demanding $4.5 million from VoIP.ms to end the attacks, but so far VoIP.ms is holding firm and not giving in to the demands.

    You may be wondering what happens during a Distributed Denial of Service (DDoS) attack or even what a DDoS attack is. During a DDoS attack hackers flood the target networks with service requests, bogging down the systems until they either slow to a crawl or go offline completely due to the overload.

    To put some context behind it, Cloudflare, a cybersecurity-oriented service provider that helps websites mitigate DDoS attacks, was itself hit by a DDoS attack last month that served their website 17.2 million requests per second. The real target of the DDoS attack, a financial customer of Cloudflare, was served 330 million attack requests in seconds. Most websites and online servers cannot bear the brunt of that many requests instantaneously.

    VoIP providers are an easy target for ransomware: cutting off communications to the outside world for those who are affected is a tangible problem that creates a heightened sense of urgency. The same urgency cannot be replicated from your business’s website being down for a while, though the loss of revenue that may occur from that should not be overlooked. For some businesses that loss can be as high as $250,000 hourly.

    You may be thinking, “I can’t have my phones go down; I’ll just switch back to a landline provider, even if the cost is higher and it would lack many of the features acquired with VoIP.” I’m sorry to say it would do you no good.

    Nothing is truly cut off from the web these days; even your typical landline phone utilizes a web-based connection somewhere down the line. POTS, aka Plain Old Telephone Service, which performed phone services over copper wires, is going the way of the dodo in most places.

    The FCC even called for a mandatory termination of POTS lines in 2014. As of 2018 only 5% of the country was landline only.

    To sum it up, avoiding the internet when it comes to making phone calls is no longer a possibility. With that said we understand that having your phone lines down is disruptive and unnerving. We’ve created this checklist with steps to take if you find your phone service down.

    If you don’t have a service provider to reach out to in the event of a service outage, we can help. We are proud of our VoIP service solutions and the reliable uptime we maintain for our clients. You can learn more about our VoIP services here. We even have a promotion for new customers.
