73% of websites compromised in OpUSA were hosted on IIS Web servers

Jul 23, 2013 21:01 GMT

Managed security services provider Solutionary has released its research report for the second quarter of 2013. The study focuses on several interesting topics, including the hacktivist operation OpUSA, the PRISM revelations and DNS amplification attacks.

OpUSA hasn’t caused too much damage, but Solutionary’s Security Engineering Research Team (SERT) has made some interesting technical observations regarding the campaign.

It turns out that most of the websites (73%) compromised by hackers in OpUSA were hosted on Microsoft IIS Web servers. 17% of the platforms were running IIS version 5.0 or 5.1, which were no longer supported by Microsoft.

This means the attackers had a large number of security holes they could exploit to achieve their goals.

It’s also worth noting that 68% of the websites compromised in OpUSA were hosted outside of the United States.

As far as the PRISM surveillance project is concerned, during the second quarter of 2013, Solutionary hasn’t learned of any organization being breached as part of, or in retaliation for, the controversial program.

Solutionary has also observed an increase in the number of denial-of-service (DoS) attacks that rely on DNS amplification.

According to experts, most of the DNS request traffic has originated from the United States and China.

The recommendations for mitigating DNS amplification attacks include logging and reviewing DNS activity, and limiting recursive query access to authorized networks.
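
One way to act on both recommendations, as an added example that is not taken from Solutionary's report: the script reviews resolver query logs and reports recursive queries arriving from outside the authorized networks. The log layout (simplified BIND style, where a leading `+` in the flags means recursion was requested), the network ranges and the threshold are assumptions, and the sample lines are constructed.

```python
import ipaddress
import re
from collections import Counter, defaultdict

# Assumption: networks permitted to use this resolver recursively.
AUTHORIZED = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "192.168.10.0/24")]

# Assumption: simplified BIND-style query log layout; adapt to your resolver.
LINE_RE = re.compile(
    r"client (?P<ip>[0-9A-Fa-f.:]+)#\d+.*?query: \S+ IN (?P<qtype>\S+) (?P<flags>[+-]\S*)"
)

# Constructed sample lines using documentation address ranges, not real traffic.
SAMPLE_LOG = """\
23-Jul-2013 21:00:01.101 client 10.1.2.3#40112 (www.example.com): query: www.example.com IN A + (10.0.0.53)
23-Jul-2013 21:00:02.310 client 203.0.113.7#53124 (example.org): query: example.org IN ANY +E (10.0.0.53)
23-Jul-2013 21:00:02.315 client 203.0.113.7#53124 (example.org): query: example.org IN ANY +E (10.0.0.53)
23-Jul-2013 21:00:02.322 client 203.0.113.7#53124 (example.org): query: example.org IN ANY +E (10.0.0.53)
23-Jul-2013 21:00:02.330 client 203.0.113.7#53124 (example.org): query: example.org IN TXT +E (10.0.0.53)
23-Jul-2013 21:00:03.004 client 198.51.100.9#33211 (example.net): query: example.net IN A - (10.0.0.53)
23-Jul-2013 21:00:04.870 client 198.51.100.20#41877 (example.org): query: example.org IN ANY +E (10.0.0.53)
"""


def is_authorized(ip):
    """True if the client address falls inside an authorized network."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in AUTHORIZED)


def review(log_text, threshold=3):
    """Map each unauthorized client to its recursive-query counts per type.

    Only clients with at least `threshold` recursive queries are reported.
    With spoofed UDP traffic the logged client is usually the intended
    victim, so a hit marks an open-recursion exposure to close.
    """
    hits = defaultdict(Counter)
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m or not m["flags"].startswith("+"):
            continue  # unparsed line, or recursion not requested
        if not is_authorized(m["ip"]):
            hits[m["ip"]][m["qtype"]] += 1
    return {ip: dict(c) for ip, c in hits.items() if sum(c.values()) >= threshold}


if __name__ == "__main__":
    for ip, counts in review(SAMPLE_LOG).items():
        print(f"{ip}: recursive queries from unauthorized network {counts}")
```

Any client this reports is evidence that the resolver still answers recursive queries for networks it should refuse.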

“Observations by SERT over the past several months have led us to conclude that hacktivist attacks are on the rise and that headline-driven security concerns can often take the focus off of fixes that can improve defensive postures,” says Rob Kraus, director of research, SERT.

“Security and risk professionals reading this report will find that there are several simple steps that can be taken to better defend against the identified attacks.”

The complete SERT Quarterly Research Report is also available for download on Solutionary's website (registration required).