Saturday, October 31, 2015

British ecommerce sites hit by several DDoS attacks

Administrators of several British e-commerce websites are reportedly trying to manage service disruptions after being systematically targeted this week by DDoS attackers demanding ransoms to stop the distributed attacks.
Bolton-based online reseller Scan International confirmed it first noted unusual amounts of internet traffic visiting its home page on Sunday, which continued until today, peaking at lunchtime.
Scan representative Elan Raja told us the company also received an email from an anonymous source demanding payment of a ransom to put an end to the DDoS attacks. He declined to disclose the amount requested, but it could very well be in the several thousands.
“This has happened to various companies this week by individuals that are using e-tailers like an ATM,” he told internet-security.ca.
Raja added that he has let the appropriate authorities deal with the issue and that he has bolstered the site's defences, but said that at no point were the attackers able to obtain customers' personal information as “our data is protected internally”.
“This is an attack on our external infrastructure,” he said, and “if you imagine our business in a house, the data is held in a secure room. The criminals cannot break down the door but are still ringing the bell”.
Technology e-tailer Aria Technology was also affected by a similar website disruption yesterday.
Aria Taheri, the company's managing director, said his firm’s website was knocked out yesterday afternoon for around two hours, one day after his company received a blackmail demand via email for 16.66 Bitcoins (about US $4,000).
The blackmailers threatened to make the site unavailable on Wednesday unless payment was made, but actually started a series of intermittent attacks on Monday that continued into Wednesday morning and beyond.
“It was a powerful attack that also affected our service providers,” Taheri told us. “It was a consistent DDoS attack that has continued today,” he added.
Aria reported the attack on its systems to Greater Manchester Police, Taheri confirmed. Novatech, CCL and gaming biz Overclockers are also understood to be affected, although there is no concrete evidence that the attacks are connected. The companies were not available to comment.
Novatech and Scan told customers via their Twitter feeds that their respective websites were experiencing issues, but without explaining exactly why.
Novatech’s website appeared normal on Wednesday morning, while Scan’s website was slow to load or occasionally briefly unavailable. Aria’s website appeared to be functioning normally, however.
Taheri believes that his competitors were hit as part of the same DDoS attack, but this remains unconfirmed at this point.
Back in March 2013, Aria’s site was also hit by a DDoS attack but the culprit was identified after a reward was posted, according to Taheri.
The businessman is adopting the same tactics this time around, offering a £15,000 reward for information that leads to a successful prosecution of the culprits.
DDoS-based extortion attacks have been a huge and ongoing issue for many years. Initially, they were launched against online bookmakers at times of peak demand, but over time a wider range of targets has been affected.
One particular group of hackers called DDoS for Bitcoin (DD4BC) has been particularly active in blackmailing smaller businesses with packet flooding attacks over recent months.
The latest run of attacks is similar to previous extortion scams linked to Bitcoin, which makes DD4BC a suspect, if nothing else.
The evidence is circumstantial at best. DD4BC started off by attacking Bitcoin firms, before expanding its range of targets to include banks and Scandinavian firms.
A security company praised Aria for standing up to extortionate demands. Igal Zeifman, senior digital strategist at Imperva, a supplier of DDoS mitigation and web application firewall technology, commented: “By refusing to pay the ransom and posting a bounty instead, Aria is following the steps taken by companies such as Bitalo and Bitmain, who also decided to strike back against their DDoS extortionists.”
“It is definitely doing the right thing. Based on our experience, despite the attackers’ robust threats, many of these attacks tend to be unimpressive and can be countered with ease, given the proper protection,” added Zeifman.
Source: Scan International.

Brocade to work more closely with LTE network operators

Earlier today, Brocade announced a new network monitoring and management solution it hopes will attract the attention of LTE network operators in the U.S. and abroad.
Brocade's spokesman Phil Coates said the company is specifically addressing the shortcomings of traditional (i.e., legacy) network monitoring systems.
Something like a deep packet inspection system plugged into a particular port and delivering traffic back to a management system doesn't match well with the increasingly virtualized operations of an evolved packet core (EPC) network, Coates added.
The new system's enclosure is screwed into the rack and that's where it stays, but the workloads handling customer traffic, running as processes in virtual machines, are mobile and can easily move out of reach of the system trying to capture statistics about their network traffic.
So in the network visibility portfolio, there's a virtual packet broker (VPB) that can move around with specific workloads, Coates said.
For his part, Asia-Pacific manager Gary Denman added that wireless carriers also want systems to be programmable enough to capture data down to the session level, something that many equipment makers can't seem to accomplish given today's technology.
A possibly controversial example of this is in complying with law enforcement: even if you know you want a particular individual's traffic and have DPI handy, you're likely to end up with a flood of data that still has to be sifted down to what's specifically in a search warrant.
"Instead of setting hardware rules to get all of Richard's traffic, and later analyse it – now, we can turn around and look for specific traffic associated with a unique function, and get just that data that interests us", Coates explained.
As another example, a more mundane application would be in trying to maintain network optimisation for traffic like video. A user streaming sports while on a train would move between cells. If the network monitoring and optimisation features are solely hardware-based, there's going to be a lot of communication between the various units in most base stations to keep the stream optimized in a coherent manner.
Denman added that the overall explosion of over-the-top traffic is also in the company's sights, because mobile operators are struggling to adjust their billing models, partly because it's so difficult to get detailed data about which applications are using network bandwidth.
Brocade's sales literature says that the "tap" can follow the workload with very low latency. It can spin up in a millisecond, Coates said. The network can get a lot more responsive in that instance.
Source: Brocade Inc.

Microsoft extends support of some of its Azure cloud storage APIs

Microsoft said earlier today it has extended the period it will support some of its Azure (early cloud) storage APIs, though we are still waiting for additional details.
As explained by Azure's program manager Dinesh Murthy, Microsoft seems to have a couple of motivations for these changes.
One reason is probably to give users more time to switch to newer APIs, suggesting that they feel they're being rushed.
However, some APIs have had their day of doom postponed indefinitely, suggesting customers want to keep using code Microsoft thought they'd be happy to dump or simply upgrade.
This simply suggests that Microsoft's Azure has won some very sticky incumbencies that Microsoft dares not disrupt in any way. And we can certainly understand that.
Microsoft has made it very clear that it will constantly add new features and services to its cloud offerings.
These extensions of older APIs, which keep earlier versions of storage services alive for longer, suggest that as users spend more time in the cloud they find they don't always want new features.
Or perhaps they've simply made the mistake of building apps with tight coupling to particular services. Or is it something else? We might know more a bit later.
At any rate, whatever the reasons Microsoft has decided to move so slowly on this, it also teaches us that the cloud/SaaS mantra of one codebase for all users and everyone on the current version may not hold in all cases.
So if you really need older APIs, Microsoft is simply saying that it might find a reason to keep them alive.
Which leaves Microsoft, and maybe other cloud providers, running more than one service and perhaps with rather higher costs than first imagined. Time will tell.
Extending the life of these APIs also places a small dent in cloud critics' Hotel California argument: “You can check in anytime you want but you can never leave”.
Source: Microsoft Corp.