Pentagon to Wage War on DDOS Attacks

ddos-timeline-100255289-orig.jpg

By next spring, researchers are expected to unveil new tools enabling the U.S. Defense Department to make a rapid response to distributed denial-of-service attacks. 

The Pentagon has in mind a three-pronged counterattack against a decades-old form of cyber assault that continues to paralyze government and industry networks, despite its low cost of sometimes $10 a hit.

Beginning next spring, military-funded researchers are scheduled to produce new tools that would quickly enable organizations to bounce back from so-called distributed denial-of-service attacks. A recovery rate of at most 10 seconds is the goal, according to the Defense Department.

Today, attackers have a relatively easy time aiming bogus traffic at computer servers to knock them offline. One reason is that computer systems often are consolidated, making for a wide target area. Another weakness is the predictable behavior of systems that support Web services. And finally, certain types of DDoS attacks that evince little malicious traffic go undetected. 

Researchers chosen by the Defense Advanced Research Projects Agency will attempt to deny attackers such openings through a three-year program called Extreme DDoS Defense, according to Pentagon officials. The tentative start date is April 1, 2016. 

The stability of agency operations, banking, online gaming and many other daily activities are at stake here.
A DDoS attack against Estonia in 2007 allegedly orchestrated by Russian-backed hackers downed government and industry Internet access nationwide for two weeks. More recently, crooks have begun offering Luddites DDoS-for-hire services at subscription rates of $10-$300 a month, according to journalist Brian Krebs. 

Lizard Squad, a major provider, allegedly was behind several persistent attacks on online gaming services Xbox and PlayStation. A string of 2011 cyber assaults against Wall Street banks, including Capital One and SunTrust Banks, was attributed to Iranian hackers.

Just this month, at the annual Black Hat security conference in Las Vegas, Trend Micro researchers said they observed attackers trying to overpower systems in Washington that monitor the physical security of gas pumps. Luckily, the devices were fake “honeypot” traps.
“Responses to DDoS attacks are too slow and manually driven, with diagnosis and formulation of filtering rules often taking hours to formulate and instantiate. In contrast, military communication often demands that disruptions be limited to minutes or less,” DARPA officials said in an Aug. 14 announcement about the new program.

The funding level for the project was not disclosed, but multiple grants are expected to be awarded. Interested researchers must submit proposals by noon Oct. 13. 

XD3 will endeavor to thwart DDoS attacks by “dispersing cyber assets” in facilities and on networks, officials said. Currently, the problem is that cloud computing arrangements and other critical infrastructure systems “rely heavily on highly shared, centralized servers and data centers,” they added.
The new tools also will try “disguising the characteristics and behaviors of those assets” to complicate the planning of DDoS launches, officials said.

The trick with so-called “low-volume” DDoS attacks is they do not look like traffic overloads. The external computer messages seem benign but are actually exhausting a system’s memory or processors. One workaround here might be sharing information among systems that then can “decide collectively whether attacks have occurred, and/or to determine what mitigations might be most effective,” officials said.
One group of XD3 researchers will be assigned to inspect the designs for unintended security holes.
Anyone wanting to be a reviewer must hold a top-secret clearance, according to the contract rules.
“The objective of design reviews is the proactive identification of weaknesses and vulnerabilities that would reduce the effectiveness of DDoS attack detection or mitigation,” officials said. The idea also is to “apprise performers of potential DDoS attack methods or features that they might not have considered.”

DefenseOne: http://http://bit.ly/1ISZeHI

« Pentagon Increasing Drone Flights By 50%
Hackers Target Saudi Government Websites »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Zadara Storage

Zadara Storage

Zadara provide complete data backup and protection delivered as a fully-managed service.

Cyber Threat Intelligence Network (CTIN)

Cyber Threat Intelligence Network (CTIN)

CTIN provides cyber threat intelligence services including training, platform evaluation, ISAC/ISAO systems development and counter botnet operations.

sic[!]sec

sic[!]sec

sic[!]sec provide products and services for web application security.

Grimm Cyber

Grimm Cyber

GRIMM makes the world a more secure place by increasing the cyber resiliency of our client’s systems, networks, and products.

StackRox

StackRox

StackRox delivers a container-native security platform that adapts detection and response to new threats.

Corvus Insurance

Corvus Insurance

Corvus' mission is to create a safer, more productive world through technology-enabled commercial insurance.

Montimage

Montimage

Montimage develops tools for testing and monitoring networks, applications and services; in particular, for the verification of functional, performance (QoS/QoE) and security aspects.

Dual Layer IT Solutions

Dual Layer IT Solutions

Dual Layer offer a full range of IT Services and Solutions for businesses from IT infrastructure design to cloud/hosted solutions, cybersecurity, disaster recovery and IT training.

IFE Digital Systems

IFE Digital Systems

IFE Digital Systems conducts research, development and consultancy in risk, safety and security related to digital systems in critical infrastructure.

CYBAVO

CYBAVO

CYBAVO is a cryptocurrency security company founded by experts from the cryptocurrency and security industries.

Y-PARC

Y-PARC

Y-PARC is a center of excellence for cybersecurity, precision industries and medtech, fostering innovation and development and support for startups.

M12

M12

M12 (formerly Microsoft Ventures) is the corporate venture capital subsidiary of Microsoft.

Acora

Acora

Acora provide a range of best-in-class managed services, Microsoft-centric business software, and cloud solutions designed to help mid-market organisations succeed in the digital economy.

Paragon Cyber Solutions

Paragon Cyber Solutions

Paragon Cyber Solutions provides specialized security risk management and IT solutions to protect the integrity of your business operations.

Multipoint Group

Multipoint Group

Multipoint is an information security and protection solutions company operating in the South EMEA region through value-added distribution channels.

Bestman Solutions

Bestman Solutions

As a specialist cyber security practice, we believe that people are an organisation’s most valuable asset. Success depends on hiring the right people, and this is where we come in.