Bad Bots Are Getting Smarter, Overview of The Current DDoS Landscape And More in This Weeks News
Bots are becoming more humanlike
With new technologies, bots will soon be able to act more like humans than humans themselves. According to various reports, bot operators control a percentage of PCs around the world and users are unaware of it. In the US, one estimate was 6%. When bot operators have access to a PC, that means they have access to all of the user’s history and activities. Bots will also spend the right amount of time on each page, move the mouse across the screen as a real user would, click on the right parts of the website and so on. Contrary to what you may think, this just means that bot mitigation platforms will develop better ways to defeat bots, and GlobalDots will be here to help you pick the right one and never worry about bots again.
Read more: Bizety
Kaiten, Mirai & the DDoS landscape
Akamai published an article which explains that even though many organizations think they know what the DDoS landscape looks like, it’s all based on months old information. Right now the DDoS landscape is changing faster than anything else with botnets like Kaiten that uses routers and other devices and Mirai that users IP connected cameras and DVRs. The release of Mirai is not something that can be rolled back. The code is available and everyone from amateurs to professionals who want their own DDoS botnet are looking at the code to create a bigger, better, newer version. The message here is to hope for the best, but prepare for the worst.
Read more: Akamai
Extreme surveillance laws in the UK
UK’s parliament’s House of Lords on Wednesday passed a surveillance bill that provides the government extreme powers over the data of citizens. This is now known as The Investigatory Powers Bill or “Snooper’s Law” and is currently being passed through British Parliament and is awaiting only the Royal assent to become law. This bill basically means that every ISP in UK will be required to backup all browsing data of UK users for up to a year and make it available to authorities whenever they please.
Read more: Hacking Threat
Facebook is buying stolen passwords on the black market
Facebook is buying leaked passwords from black market vendors to protect their users. The reason being the recent data breaches relating to Yahoo, Twitter, Linkedin, Myspace & Dropbox and the possibility of users using the same password with their facebook account as well. When Facebook purchases these passwords, they cross-reference these with the current account password and notify the user if they should use another password to protect their account. Facebook has been able to identify and alert tens of millions of users with compromised passwords.
“It turns out that we can build perfectly secure software and yet people can still get hurt”
– Alex Stamos, Chief Security Officer at Facebook
Read more: Hacking Threat
Mirai has more to do with DVRs than CCTV cameras
Previously it has been speculated that the Mirai botnet, which is behind the Dyn outage and counted as the biggest DDoS attack so far, has been using CCTV cameras mostly with DVRs and routers as a supporting role. It turns out DVRs were the main players behind the attack as CCTVs offer less functionalities than DVRs and therefore are a less flexible attack platform. CCTVs also had a near-identical code to the DVRs, so this is where possibly the confusion was made.