Since the malware’s creation it has been involved in large scale and disruptive distributed denial of service attacks (DDoS), the biggest of which being the September attack on security Journalist Brian Kreb’s website, and also the October 2016 Dyn cyberattack.

The Dyn cyberattack made headlines because of the sheer amount of services that were affected, and the high-profile names whose security you’d expect to be tighter. Services affected by the attack included Amazon, Ancestry.com, Comcast, Fox News, GitHub, CNN, Twitter, Visa, Starbucks, Reddit, and many more huge names. In total it’s estimated that the damages exceeded $100m.

Now while taking down those huge websites garnered them negative attention that would have likely put finding the authors under a spotlight, it was attacking Brian Kreb’s website that cost them their privacy. After the attack on his website, Brian made it his personal mission to track down the perpetrators and bring them to justice.

Brian Kreb outed the three men, Paras Jha (22), Dalton Norman (21) and Josian White (20). Jha and his co-conspirators had begun creating the malware in 2016 and at a later date monetized it by renting it out to other criminals.  So Brian had succeeded in outing the hackers, but what about justice?

This is where the case takes a surprising turn. The 3 men plead guilty to the charges, and it was expected that they would receive the maximum sentence of a $250,000 fine and 5 years prison time. However, the FBI asked for an 85% reduction in their sentence. This lead to them receiving 5 years of probation and 2500 hours of community service. They were also ordered to pay $127,000 in damages and volunteer cryptocurrency they made through the endeavour.

By cooperating with a reduced sentence, law enforcement will benefit from insider hacker knowledge of these types of attacks which will make them better equipped when dealing with future attacks.

The post Mirai botnet authors: From criminals to FBI agents appeared first on Hack Ware News.

So far as 2018 progresses, the year seems rather promising with the exception of recurrence of “Black Monday” on 5 February 2018 which witnessed the biggest Dow Jones drop of all time over the stock markets. Cryptocurrency also went with the dive since achieving historical high late last year.

For the cybersecurity sector, no boom and bust cycle yet as the year entered the second month. However, US-headquartered security technology firm, A10 Networks highlighted to Hackwarenews on the cyber threats trend ahead for 2018.

Bigger, bolder and costlier cyber-attacks expected in 2018

Song Tang Yih, vice president Asia Pacific of A10 Networks told Hackwarenews that cyber-attacks in 2018, will be bigger, bolder and much costlier for victims.

“For 2017, spending on cybersecurity reached USD86 billion which was a humongous amount,” said Song.

Furthermore, he noted that the average data breach cost in 2017 accounted to around USD 4 million, while the annual cyber-attack cost ballooned to USD 400 billion alone. Using these past data, Song expected an increasing volumes of cyber-attacks in 2018, as hackers used more sophisticated approaches such as “Reaper malware” to breach vulnerabilities in systems for financial benefits.

More state-sponsored attacks expected

Some of these cyber-attacks were believed to be state-sponsored in nature at a bid to obtain hard currency as voiced out by Jonathan Tan, regional vice president, ASEAN and Pakistan of A10 Networks.

“There is no good time or bad time, where the hackers will rest. In fact, more so during the bad time, hackers will hack for finance gains.” commented Tan.

Some of the cyber-attacks were believed by Tan to be inspired by regional tensions among countries which eventually conducted cyberwars to breach each other systems. To Tan, Singapore is in the forefront of this battle due to the connectivity among its various governmental services and its ambition of becoming an IT-savvy Smart Nation.

Telco Operators on the hit list

Beside government networks, Tan expected Telecommunication (telecom) operator to be next victims due to its role in serving as the conduit for businesses. In his opinion, the hackers will seek to exploit Internet Protocol version 6 (IPv6) or Internet of Things (IOT) vulnerabilities.

Cameras and surveillance system run via the telecom network will also be another vulnerable spots for attacks to compromises corporates securities or simply to bring the whole network down to the attackers’ advantages.

The Challenges of merging various Cloud platforms

In 2018, Song estimated more corporations and organisation to merge their private clouds with public clouds into multi-cloud environments for scalability purposes. The merging processes, however might provide more vulnerabilities for data breaches and the call for the protection of personal data online is more needed than ever.

The good news is that there are already some partnership and technology development set in motions to smooth out the merging of private and public cloud. For instance, software giants like Microsoft, Azure and Google have come together to provide uniform set of infrastructures and application program interface (API) for hybrid clouds to further improve efficiency.

Deceptive technology to act as sheepdog against cyber-attacks

Despite the various threats, security services providers like A10 Networks has something in their sleeves against cyber-attacks. One of the weapons will be using adaptive, deceptive and predictive security products to prevent cyber-attacks.

To certain extent, Tan even dubbed the deceptive and predictive technology into a “Top Five Technology” in 2018. As these know-hows give security operators the ability to predict a cyber-attack that is yet to happen.

“Deceptive and predictive technology allows the security firm to trick the hackers to stay ahead of them and protect systems,” concluded Tan.

In his opinion, the digital security will eventually become a basic human right issue as our world gets more interconnected and our dependence on safe communication become close to our needs for clean air, water and food.

The post Annus horribilis or Annus Mirabilis for cybersecurity in 2018 appeared first on Hack Ware News.