Ireland under attack !!!

Joe Exotic

Irish government infrastructure is under attack by a wide spread DDos attack

Wonder what the motive is ?

Not sure have we pissed of any hacktivist group lately.


Link

Labarbapostiza

murphk wrote: »

Irish government infrastructure is under attack by a wide spread DDos attack

Wonder what the motive is ?

Not sure have we pissed of any hacktivist group lately.


Link

I don't think it's just Ireland. I came in here looking to see if anyone knew anymore.

From what I can tell, the last week and a bit, has seen a massive global DDOS attack.

Anyone know what it is?.........A massive Smurf SYN request flood?

murphyaii

Well boards was hit for 2 days during the week also.

Could be isis or some bored anti-water activist with computer skills.

It's not just the gov being hit so it's a general ddos attack.

Maybe anonymous felt sorry for bypassing us lately.

or it could be to do with apple getting away with their taxes

Forgot to mention irish lottery was hit as well on wednesday.

KK4SAM

Candy Crush requests!!!!!!!

Labarbapostiza

murphyaii wrote: »

Could be isis or some bored anti-water activist with computer skills.

Why would an anti-water protester be attacking the internet?....Don't answer.

It's not just the gov being hit so it's a general ddos attack.

Forgot to mention irish lottery was hit as well on wednesday.

I'm reasonably sure many popular sites outside of Ireland were also hit.

It's not one little guy, on virtual machine, on a server in a Nicaraguan server farm, it appears to be a large scale distributed attack (which actually could be done by a little guy, rather than a Chinese civil servant.)

How I would do an attack of this scale. Find a vulnerability on a common domestic router. if you rule one, you rule them all. Then put my Smurf daemon on them. Then start shagging popular websites, from a distributed list.

jimmycrackcorm

Whatever about the government being under attack,I have to wonder how the connectivity for lotto machines was under attack.

I'd assumed that was a private network and effectively not exposed to the internet.

TrustedApple

Was reading the latest IT Industry in Ireland Tech Magazine that there was 18 Major DDOS in the last 3 months in Ireland on Major Irish companies and its on the rise big time.

Labarbapostiza

jimmycrackcorm wrote: »

Whatever about the government being under attack,I have to wonder how the connectivity for lotto machines was under attack.

I'd assumed that was a private network and effectively not exposed to the internet.

It likely was not the connectivity of the machines, but some element of the infrastructure that was exposed to the public internet.

There's very little true private network these days. Years ago, Eircom used to do a deal where they would let you have a mile and a bit of copper pair, going A to B, with nothing in between. They don't do that anymore. For a truly private network, you need the physical network to be private too.

The fact that there aren't that many major attacks isn't because network security is so good, it's because there really isn't that many hardcore hackers out there who want bring the roof down.

syklops

jimmycrackcorm wrote: »

Whatever about the government being under attack,I have to wonder how the connectivity for lotto machines was under attack.

I'd assumed that was a private network and effectively not exposed to the internet.

It (the lotto) has ingress/egress points on the internet. It could the IP for those points happened to be next in the block and so 'fell' within the scope for the attacks on the government systems. For example:

Lotto : 192.168.179.0/24
Gov.ie 192.168.178.0/24

Manach

Well looking at it from a cyber-legalistic standpoint, depending on the final level of attacks, this compares that which effected Estonia several years ago. That was likely linked to Russian freelancers who were likely given support by their state apparatus. Such deliberate targeting is unlikely in this current case but it could be a trial run on a relatively open infrastructure such as Ireland's.

A Primal Nut

jimmycrackcorm wrote: »

Whatever about the government being under attack,I have to wonder how the connectivity for lotto machines was under attack.

I'd assumed that was a private network and effectively not exposed to the internet.

According to Silicon Republic only the website was under attack and the machines were unaffected.

Impetus

I’m not surprised. I arrived in Ireland from the Continent the other day. The lack of attention to detail in the way the country is managed is probably also reflected in computer ‘security’ in Ireland.

1. My first point of contact with ‘reality Ireland’ was a cup of espresso at the airport. It was over-priced (2.50 €) especially for the filthy floor, stand up paper cup location in question. More like the price one would pay at The Four Seasons somewhere.

More importantly, the coffee was rubbish. They were obviously using (and getting away with) selling cheap Robusta, rather than Arabica coffee.


2. My second point of contact was at a third-world looking warehouse of a ‘courier company’ to pick up a replacement EuroDOCSIS3 modem (this is my third replacement in a year or so) – for ISP service, which is supposed to have a landline phone in the package.

I called the delivery company to enquire about their street address please….. They had no street or road name and no building number. (Another side of Ireland’s dysfunctional infrastructure). The answering agent was incapable of giving me directions to her place of work. She passed me over to a manager, who gave me directions along the basis of ‘passing the Topaz filling station’, and turning right at XYZ’s place. All I wanted was a postal address to enter into the GPS system in the car. So much for this nonsense ‘Eircode’, and it giving defined address space to every building in the country.


3. When I arrived at my destination and plugged in the modem – the phone line was still is not operational. I had this problem reported the last time I was in IRL – 2 Jan, when I made an appointment for a service call on 22 Jan. Which they cancelled at the last minute, and decided to fob me off with another modem. Incidentally the courier company had a website track and trace system, which purported to allow one to delay the delivery of the package or change the address (eg to a neighbour’s house). I managed to change the date, but the ability to change the address got greyed out. Anyway the track and trace log showed that they ignored the changed date, and it ended up as a service failure on the track and trace log. Hence me driving 10 km to this potholed ‘industrial estate’ (with not a factory in sight!) to deliver the item to myself.

My point is that in a country that can’t manage to deliver a tiny cup of coffee, or where every employee can’t specify their work address (as should be on an envelope – rather than a past the ‘Topaz station mode’), what hope is there that large computer systems operated by banks, government, and others will be operated in a 99.999% secure manner? And can be trusted to do so by the public?

http://www.theregister.co.uk/2016/01/22/irish_gov_ddos/

syklops

Yeah, any time I do a pen test for a company i always check the quality of their coffee. Its a very accurate indicator of the state of their network security.

Impetus

syklops wrote: »

Yeah, any time I do a pen test for a company i always check the quality of their coffee. Its a very accurate indicator of the state of their network security.

While I have no doubt you do check the coffee.....

But as they say 'The man who is faithful in the little things will be faithful in the big things, and the man who cheats in the little things will cheat in the big things too.' Which is my feeling on IRL SE (Societas Europaea), as a frequent traveller.

While it takes big $$$ resources to fight off a DDos attack, if the story I inked to has any truth in it, where there is smoke, there is fire, comes to mind.

This website is obviously under attack at the moment - and the amount of discussion relating to these issues herein, is alarming in its modesty.

o1s1n

I had a terrible cup of coffee when I landed in America the last time.

Their internet security is also clearly on the decline.

syklops

Actually all joking aside I spent a week in a well known transport provider and the tea was shockingly bad. I found a way of getting free tickets and it took them 3 years to fix it.

So maybe there is something to this theory.

Impetus

o1s1n wrote: »

I had a terrible cup of coffee when I landed in America the last time.

Their internet security is also clearly on the decline.

The worst coffee you can get in the world is probably at this mainly US owned (also GB) chain stores that purport to be coffee houses/cafes. They also offer wifi, which is among the most insecure on the planet.

Blowfish

syklops wrote: »

Yeah, any time I do a pen test for a company i always check the quality of their coffee. Its a very accurate indicator of the state of their network security.

In fairness, it's actually not a bad idea to.

Labarbapostiza

Impetus wrote: »

My point is that in a country that can’t manage to deliver a tiny cup of coffee, or where every employee can’t specify their work address (as should be on an envelope – rather than a past the ‘Topaz station mode’), what hope is there that large computer systems operated by banks, government, and others will be operated in a 99.999% secure manner? And can be trusted to do so by the public?

I worked for a very major ISP.

The network was (it likely still is), as vulnerable as a new born baby. For a company of it's size, you would not believe how much of a joke security was. In this organisation, typically, managers solved problems by making it a sackable offense to report them.......And this company has thousands of managers (that's not an exaggeration; thousands of managers). But the operation in charge of security for a network of millions of subscribers, only had two people, who were not technical, or even that comfortable using email. And the topography of the network seems to have been laid out to facilitate the security forces of that country. I think their idea was designing in such a way that they could easily switch off the internet (but if they can do that.........what about someone else doing it............. As a colleague used to remark, all you needed to knock out the entire network was a hatchet...if you knew where to chop.......)

Some ISP's take their security seriously, but they are the exception not the rule. There are unbelievable berks in charge of a lot of this infrastructure, and their berkishness alone, is an ongoing denial of service attack.

I worked for a major IT support company. Doling out usernames and passwords. For an example of Berkishness, for getting to where I could access the usernames and passwords, I would have to jump through multiple hoops of security (logging on to this to log onto that, blah blah)......but, when I arrived at the point where I could give out usernames and passwords. There was no security question; like what's your mother's maiden name. I had no way of telling if the person calling was who they said they were. And I used to just ask them their mothers maiden name, and give them all they needed to access whoever's account they were looking for.

_Tombstone_

Did every attackee sign up with Cloudflare??

syklops

_Tombstone_ wrote: »

Did every attackee sign up with Cloudflare??

It feels like it.

Impetus

Labarbapostiza wrote: »

I worked for a very major ISP.

The network was (it likely still is), as vulnerable as a new born baby. For a company of it's size, you would not believe how much of a joke security was. In this organisation, typically, managers solved problems by making it a sackable offense to report them.......And this company has thousands of managers (that's not an exaggeration; thousands of managers). But the operation in charge of security for a network of millions of subscribers, only had two people, who were not technical, or even that comfortable using email. And the topography of the network seems to have been laid out to facilitate the security forces of that country. I think their idea was designing in such a way that they could easily switch off the internet (but if they can do that.........what about someone else doing it............. As a colleague used to remark, all you needed to knock out the entire network was a hatchet...if you knew where to chop.......)

Some ISP's take their security seriously, but they are the exception not the rule. There are unbelievable berks in charge of a lot of this infrastructure, and their berkishness alone, is an ongoing denial of service attack.

I worked for a major IT support company. Doling out usernames and passwords. For an example of Berkishness, for getting to where I could access the usernames and passwords, I would have to jump through multiple hoops of security (logging on to this to log onto that, blah blah)......but, when I arrived at the point where I could give out usernames and passwords. There was no security question; like what's your mother's maiden name. I had no way of telling if the person calling was who they said they were. And I used to just ask them their mothers maiden name, and give them all they needed to access whoever's account they were looking for.

Back in the day I had a busy website with about 20'000 uniques a week. I received a phone call from the ISP who hosted the site, on a landline phone number which was not registered or published anywhere, (I didn't live there, and was just there for a weekend). And used '141' before connecting to the site. ('141' only prevents the display of your number to the called party) - the telcos still pass your full number with the other rats in the info theft industry, a 'do not display' marker in C7 lingo to each other.

Carlin Lillington has a good story in today's Irish Times on the sick state of the country's data privacy - where telcos store data ad-infinitum - despite EU laws that limit retention to 6 months (for the honest country) to 2 years for the corrupt/incompetent member state. A political compromise.

The other ('Irish' (read British based) ISP asked the incumbent Irish phone company for a phone number for me based on the IP number that was used for posting a particular page, because somebody who knew someone, was able to get the info from the British ISP (from Eir [then known as eircom]). The page was a list of companies and their URLs in a particular industry (ie car rental). Nothing sinister or illegal in the list. I never charged anybody for being listed, but in many industries, it seemed to be regarded as hot (in terms of customer referrals). This corrupt phone company, and their bully client were trying to force me to list this company with the other companies in that industry.

I am not into being bullied, and removed the entire industry from the website, as a result of the call from this British phone company.

More on Irish the corrupt, illegal state of Irish data 'privacy' in today's Irish Times....

http://www.irishtimes.com/business/technology/an-epic-fail-for-ireland-s-data-protection-laws-1.2512866