Featured, McAfee Labs

McAfee Cyber Defense Center Zooms In on Middle East

3
By on Mar 05, 2014

From McAfee’s first Cyber Defense Center (CDC) in Dubai, we closely monitor threats and activities in Europe and the Middle East. Since the Center’s official launch in September 2013, we have seen  quite a few interesting trends, especially in the Persian Gulf region.

Gulf-overview

Many of the activities spotted are related to hacktivism, cybercrime, or regional conflicts. The following table gives an overview of the top-five countries that are under attack, the top-five verticals, and the top-five types of attack that are used in the various incidents and campaigns targeting these countries and industries.

Gulf_regions:sectors

In this region it is safer to launch a protest from behind a desk than to actually go out on the streets and participate in a demonstration.

Tools and quick-setup sites for participating in a distributed denial of service (DDoS) campaign are divided among the participants. It can be as easy as clicking on a short link, which opens a web page containing an application with a front end prefilled with the victim’s details. By clicking on the launch button, the commands are sent to a list of “booter” servers that commence the DDoS attack. An attacker can easily execute an exploit from a computer as well as a smartphone.

One type of DDoS attack scenarios we are monitoring from the CDC are “DNS-amplifying-DDoS” attacks. This scenario allows the actors to boost DNS responses by a factor of 40 or more per DNS request. Either the attackers scan for vulnerable DNS servers or set up their own network of DNS servers. Tutorials, tools, and code are freely available on the Internet to launch these kinds of attacks. Since September 2013, we have seen that most of these attacks were launched against Turkey, with Saudi Arabia and the United Arab Emirates in second and third place, respectively.

DDoS_victims

Prevention

3 Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>