Monthly Archives: March 2013

Over 200 People Rescued From Drifting Ice Floe

LATVIA: One of the ice floes was washed as far as 4 kilometers away from shore. At one point it could not be reached by rescue boats, so the operation was continued by helicopter.

“219 people have been rescued from the two ice floes. The evacuation is over.”

 Latvian emergency officials

oie_2683841eB4TzOjd

Over 200 people, including women and children, have been rescued from two ice floes that drifted away from the shores of Latvia, the country’s emergency ministry has reported. The massive rescue operation in the Gulf of Riga involved helicopters and Navy ships. Bad weather conditions and high waves hampered rescue efforts at times, but the operation was completed successfully.

“219 people have been rescued from the two ice floes. The evacuation is over,” Latvian emergency officials told RIA Novosti.

There were 180 people on an ice floe near Vakarbulli beach, and another 39 on one near Majori beach. Initial reports suggested that there were over 500 people on both ice floes, RT.com reports.

One of the ice floes was washed as far as 4 kilometers away from shore. At one point it could not be reached by rescue boats, so the operation was continued by helicopter.

The situation was critical, as winds are very strong and the boats involved in the rescue operation were suitable for inland waters, not the sea, State Fire and Rescue Service spokesperson Victoria Sembele said, according to TVNET website.

The Latvian Emergency Ministry has once again urged people not to walk on ice.

A similar incident occurred in Russia`s Kaliningrad region, the country`s most western territory, where 80 fishermen had to be rescued from a drifting ice floe as it washed away one kilometer off shore.

16

Comments Off on Over 200 People Rescued From Drifting Ice Floe

Filed under Uncategorized

If You Can’t Kill the Internet by DDoS, Try An Axe

It’s said to be more than 500 ways to kill a cat. How many ways there is to kill the Internet is yet to be determined, but some people seems very keen to find out:  Reuters reports, Thursday, that the Egyptian coastguard have intercepted a fishing boat off the coast of Alexandria and arrested three men in the act of trying to cut through the SEA-ME-WE 4 undersea cable. The cable is one of the main Internet connections between Asia and Europe, transporting 1,28 terabytes of data.

“Multiple sub sea cable cuts have been confirmed off the northern coast of Egypt in the Mediterranean Sea, which are impacting a number of cable systems in AfricaMiddle East and Asia connecting to Europe,”

Seacom

AxeISP

The Internet does not live in anything resembling a cloud (yet). Instead it resides in hundreds of cables snaking underground and along the bottom of the sea, where it is susceptible to ship anchors, marine life, and sabotage. That’s exactly the kind of attack that seems to be underway. The past week we have seen reports of several severed cables off the coast of Egypt.

According to Reuters, the Egyptian coastguard intercepted a fishing boat off the coast of Alexandria and arrested three men trying to cut through the SEA-ME-WE 4 undersea cable, yesterday. The cable is one of the main connections between Asia and Europe, running from France to Malaysia and linking Italy, north Africa, the middle east and south Asia.

The men are at the moment being interrogated by Egyptian authorities. Their identities are still unknown.

This slideshow requires JavaScript.

The Egyptian navy have  uploaded their pictures on Facebook, so if you recognize any of them, please notify the authorities via this link.

Over the past week there has been several reports of severed cables off near the coast of Egypt that are part of Seacom, a network of cables serving much of Africa.

Seacom officials have up to now suspected careless ships. But the arrest of the three men yesterday suggests there could a concerted effort to take down Egypt’s connectivity.

sea-me-we-4-route

A similar spate of cuts affected the region in 2008, though no culprit was officially established.

Most big countries have several redundant cables landing on their shores. But the loss of even a single one means that all the traffic must be jammed through remaining connections, causing congestion. And there is nothing to stop determined attackers from targeting several cables.

webaxeMany cables go through geographic chokepoints like the Suez, and it wouldn’t be difficult to disrupt a whole bunch of connections for a period of time.

Yesterday’s attacks on the Internet’s infrastructure – the Cyberbunker attack and the Egyptian cable cutters – show two ways of waging asymmetric war in the Internet era.

If your aim is a single company, it helps to know how to wrangle thousands of zombie computers into a precise, targeted attack. That also has the benefit of allowing regular users—and the attackers themselves—to stay online.

But if your target is bigger, say a country or a continent, all it takes to cripple the network is scuba gear and a few sharp-edged tools, qz.com writes.

In other words: If you see someone lurking around with a snorkel and an axe – call the police !

Flaz-CrazyAxeMurder_Blood-LR

Related by econoTwist’s:

1 Comment

Filed under Laws and Regulations, Technology

Real Mafia War Online; Could Crash the Global Internet

Last week econoTwist’s reported on what most likely was tha largest cyber attack on US banks, ever. Now, it turns out, that it was only the beginning of something much larger – and even more scarier – the largest computer attack in the history of the Internet. The biggest DDoS attack ever recorded is said to be  jamming crucial infrastructure all over the world and causing widespread congestion. But this has nothing to do with the Anonymous or other online activists – this is in fact the first full-blown real mafia war online we’ve ever seen. I’m afraid it won’t be the last.

“These guys are just mad.”

Patrick Gilmore

mafia-wars-wallpaper

According to BBC, five national cyber-police-forces are investigating the attacks. The attackers have used a well-known  tactic called “Distributed Denial of Service (DDoS),” which floods the intended target with large amounts of traffic in an attempt to render it unreachable. But they have also found a way to amplify the effect, creating a data-tsunami of 300 gigabyte per second – three times larger than any DDoS attack we’ve seen before.

The intended main target appears to be Spamhaus, a European organization that maintains a blacklist of ISPs that supposedly host “spam gangs” and who refuse to stop serving them as customers.

Spammers are – plain and simple – the marketeers of organized crime, making it possible for counterfeit products, medicine and illegal (child) pornography to reach potential customers worldwide. They are the “street pushers” of internet dope.

And the competition seems to have reached  a whole new level.

wp7As you can imagine, Spamhaus has no shortage of enemies, given its line of business. But most rumors point to the Dutch spammer CyberBunker who that prides in hosting anything –  except terrorist material and child pornography. Cyberbunker brags on its Web site that it has been a frequent target of law enforcement because of its “many controversial customers.” The company also claims that at one point it fended off a Dutch SWAT team“Dutch authorities and the police have made several attempts to enter the bunker by force,” the site says. “None of these attempts were successful.”

However, up until now these cyber cowboys have fought their internal battles mostly by blocking each others traffic. But this time the Dutch were really, really angry.

Sven Olaf Kamphuis, an Internet activist who claims he is a spokesman for the attackers, says in an online message to The New York Times that  Cyberbunker was retaliating against Spamhaus for “abusing their influence.” 

according to the NYT, they got help from Eastern European and Russian gangs.

“Nobody ever deputized Spamhaus to determine what goes and does not go on the Internet. They worked themselves into that position by pretending to fight spam,” Mr. Kamphuis says.

Spamhaus is pretty resilient, as its own network is distributed across many countries, but the attack was still enough to knock its site offline on March 18. A spokesman for Spamhaus says the attacks began on March 19, but have so far not stopped the group from distributing its blacklist.

Patrick Gilmore, chief architect at Akamai Technologies, confirms Spamhaus’s role as generator of Internet spammer lists.

Commenting on Cyberbunker, he says: “These guys are just mad. To be frank, they got caught. They think they should be allowed to spam.”

Mr. Gilmore also explains that the attacks consists of concentrate data streams that are larger than the Internet connections of entire countries.

He compares the technique to using a machine gun to spray an entire crowd when the intent is to kill one single person.

If you want to read what the involved parties have to say for themselves – here are some links:

Amplified Attack

What makes this case specially interesting (and disturbing) is that the cyber criminals seems to have found a way to amplify the attacks.

Professor Alan Woodward of the University of Surrey, one of the UK’s premier computer security experts, says that the attack “seems to be orders of magnitude larger than anything seen before,” and highlights the technique that’s been used.

“The thing that got people talking is that it’s a DNS amplification attack. The point is, if you’re targeting something and  the target has a 10 Gbps switch, you only have to throw 11 Gbps at it and you’ve pole-axed the system. If it is at 300 Gbps, then potentially some of the main infrastructure is being affected, though I’m not sure how much it’s really affecting it.”

The company that Spamhouse called for help, (Cloudflare), provides an even more detailed explanation:

“The largest source of attack traffic against Spamhaus came from DNS reflection… This method has become the source of the largest Layer 3 DDoS attacks we see (sometimes well exceeding 100Gbps). Open DNS resolvers are quickly becoming the scourge of the Internet and the size of these attacks will only continue to rise until all providers make a concerted effort to close them…”

“The basic technique of a DNS reflection attack is to send a request for a large DNS zone file with the source IP address spoofed to be the intended victim to a large number of open DNS resolvers. The resolvers then respond to the request, sending the large DNS zone answer to the intended victim. The attackers’ requests themselves are only a fraction of the size of the responses, meaning the attacker can effectively amplify their attack to many times the size of the bandwidth resources they themselves control.”

Exactly, How Dangerous?

Steve Linford, chief executive for Spamhaus, says that this kind of attack power would be strong enough to take down government internet infrastructure.

“If you aimed this at Downing Street they would be down instantly, They would be completely off the internet.”

“They are targeting every part of the internet infrastructure that they feel can be brought down,” Mr Linford says.

“There’s certainly possibility for some collateral damage to other services along the way, depending on what that infrastructure looks like,” says Dan Holden,  director of security research at Arbor Networks.

“If it was done really seriously in a wider attack, then it could affect many users. Trying to take down the whole internet is impractical, but you could start to decapitate sections of it,” Professor Alan Woodward says, according to gigaom.com.

medium_complicated_censoredSo, just to summarize:

  • We now have local police trawling Facebook in search of gang activity.
  • The FBI is busy chasing trolls who mocks them by hacking their computers.
  • Governments are making laws to forbid people from speaking their mind on their personal blogs.
  • Meanwhile, the really dangerous cyber criminals are experimenting with new cyber weapons with unimaginable destruction power. 

4 Comments

Filed under Laws and Regulations, Technology