Neverquest: A global threat targeting Financials

By: ASERT Research Team On March 31st, Arbor’s Security Engineering & Response Team (ASERT) published a detailed threat brief on the Neverquest malware for Arbor customers. Along with thousands of IOC’s (indicators of compromise), the brief details Neverquest’s current inner workings and describes some reversing techniques ASERT uses to unravel and monitor this stealthy and […]

DDoS Attacks in the Wake of French Anti-terror Demonstrations

Kirk Soluk

On January 15th, France’s chief information systems defense official, Adm. Arnaud Coustilliere, announced a sharp rise in online attacks against French web sites: “Calling it an unprecedented surge, Adm. Arnaud Coustilliere, head of cyberdefense for the French military, said about 19,000 French websites had faced cyberattacks in recent days, …” [1]. As we’ve done in […]

DDoS Activity in the Context of Hong Kong’s Pro-democracy Movement

Kirk Soluk

In early August, we examined data demonstrating a striking correlation between real-world and online conflict [1], which ASERT tracks on a continual basis [2-7]. Recent political unrest provides another situation in which strong correlative indicators emerge when conducting time-series analysis of DDoS attack data. The latest round of pro-democracy protests in Hong Kong began on […]

Introducing the Digital Attack Map

Dan Holden

What our ATLAS data highlights is just how commonplace DDoS attacks have become – both in terms of frequency but also in terms of how many Internet users are impacted by DDoS. It’s not just a problem for large, global organizations and service providers, but anyone with an Internet connection can be caught in the […]

Syria taken offline

Darren Anstee

ATLAS is Arbor Networks innovative, one-of-a-kind Internet monitoring system. ATLAS is a collaborative effort with 250+ ISPs globally who have agreed to share anonymous traffic data on an hourly basis (leveraging Arbor’s technology that sits on ISP networks), together with data from Arbor dark address monitoring probes, as well as third-party and other data feeds. […]

Lessons learned from the U.S. financial services DDoS attacks

By Dan Holden and Curt Wilson of Arbor’s Security Engineering & Response Team (ASERT) During the months of September and October we witnessed targeted and very serious DDoS attacks against U.S. based financial institutions. They were very much premeditated, focused, advertised before the fact, and executed to the letter. In the case of the September […]

Snapshot: Syria’s Internet drops, returns

Darren Anstee

The Arbor ATLAS system leverages Arbor Networks’ world-wide service provider customer base to gather data about Internet traffic patterns and threats.  Currently 246 of Arbor’s customers are actively participating in the Arbor ATLAS system, and are sharing data on an hourly basis. The data shared includes information on the traffic crossing the boundaries of participating […]

How likely is a DDoS Armageddon attack?

Carlos Morales

The recent DDoS attacks against many of the North American financial firms had some unique characteristics that put a strain on the defenses in place and resulted in a number of well publicized service outages. The escalating threat is not new.  It’s been steadily building up over the last few years as botnet command and […]

ATLAS October Snapshot

DDoS attack size continues to rise with average attacks hitting the 1.67 Gbps range, a rise of 72% year-over-year. This data comes from ATLAS, is an innovative partnership with our customers who share traffic data with us on an anonymous basis. It’s through ATLAS that we’re able to deliver unparalleled visibility into the backbone networks […]