DDoS Threats Library

  • The threats list below is a central place for threats and alerts related to network and application security. In particular, we are monitoring types of DDoS attacks, trends and tools, and attacks announced on IRC channels, social media and other attackers' communication channels.

  • CategoryThreat Name

    Attack alert

    OpISIS

    Date: 17.04.15

    Background

    Islamic State in Iraq and Syria (ISIS), an Al-Qaeda splinter group, is infamously known for its malicious, physical attacks. Recently, however, ISIS has been credited with cyber-attacks. As a result, organizations such as Anonymous have started to counter-attack ISIS sites.

    Additional Information

    For additional information regarding the threat, read the full Threat Alert.

    Attack alert

    OpIsrael 2015

    Date: 30.03.15

    Background

    OpIsrael 2015 is an organized set of attacks aimed at the Israeli government, public institutions and other high profile Web sites. These attacks are planned by anti-Israeli individuals and Anonymous-affiliated hacktivist groups such as “AnonGhost” (Tunisia). The goal of the attackers is to a launch a massive set of cyber-attacks against Israeli cyber space. OpIsrael 2015 is the third in a series of OpIsrael attacks – with the first occurring in 2013.

    Additional Information

    For additional information regarding the threat, read the full Threat Alert.

    Attack alert

    Recent Terror Attacks in France Trigger Cyber Attacks

    Date: 14.01.15

    Summary

    On January 7, 2015 France endured a three day terror attack. In the aftermath, two separate parties launched a series of cyber-attacks. First, Anonymous declared war on Islamic extremists and promised to seek revenge for the attack on French satirical magazine Charlie Hebdo. Second, the Islamic hacker's team AnonGhost declared cyber war on France, citing their unhappiness with the French population and its reaction to these attacks.

    Additional Information

    For more details see the attached ERT Threat Alert here.

    Vulnerability

    SSLv3 POODLE

    Date: 15.10.14

    Summary

    On October 15 Google published details of a vulnerability in the design of SSL version 3.0. This vulnerability allows the plaintext of secure connections to be calculated by a network attacker.

    Additional Information

    For more details see the attached FAQ.

    Attack alert

    Tsunami SYN Flood Attack

    Date: 07.10.14

    Summary

    The Tsunami SYN Flood Attack is an intriguing variant of the traditional SYN flood attack. We believe that attackers are trying to challenge protected environments that would typically block a classic SYN flood but not this variant. In contrast, the Tsunami SYN flood can cause internet pipe saturation. Unlike other known pipe saturation offenses using mostly UDP traffic, the Tsunami SYN flood attack is carried over the more common TCP protocol. We have noticed attacks on entire IP and port ranges, again trying to bypass traditional SYN flood protection expecting the attack on a specific IP and port.

    Additional Information

    For more details see the attached Threat Alert.