IT Security Stories to Watch: Did China Launch GitHub DDoS Attack?IT Security Stories to Watch: Did China Launch GitHub DDoS Attack?
U.S. coding website GitHub last week experienced the largest distributed denial-of-service (DDoS) attack in its history. And as a result, GitHub topped this week's list of IT security newsmakers, followed by INTERPOL, CipherCloud and Kreditech. Here are four IT security stories to watch during the week of March 30.
March 31, 2015
U.S. coding website GitHub last week experienced the largest distributed denial-of-service (DDoS) attack in its history.
What can managed service providers (MSPs) and their customers learn from these IT security newsmakers? Check out this week’s list of IT security stories to watch to find out:
1. GitHub suffers DDoS attack
U.S. developer site GitHub recently experienced outages due to a DDoS attack that lasted several days.
The Wall Street Journal reported that the DDoS attack brought excessive traffic from overseas users of Chinese search provider Baidu to GitHub, which shut down GitHub’s website at times.
GitHub added that the incident was the result of “a wide combination of attack vectors.”
“We are completely focused on mitigating this attack. Our top priority is making sure github.com is available to all our users while deflecting malicious traffic,” GitHub wrote in a blog post.
2. INTERPOL discovers threat to virtual transactions
INTERPOL cyber threat researchers have identified an issue that could cause malware or other illegal data to be embedded in virtual transactions.
Noboru Nakatani, executive director of the INTERPOL Global Complex for Innovation (IGCI), said cyber attackers potentially could use the threat to launch zero-day attacks.
“Having identified this threat, it is now important for INTERPOL to spread awareness amongst the public and law enforcement, as well as encourage support from communities working in this field to find solutions,” Nakatani said in a prepared statement.
3. CipherCloud: Most enterprises prefer data encryption for cloud security
A new CipherCloud study revealed 64 percent of Global 2000 organizations identified cloud data security audit/compliance/privacy as a top challenge in the first quarter of 2015.
CipherCloud’s “Global Cloud Data Security Report” also showed that data encryption (81 percent) led tokenization (19 percent) among enterprises that have deployed cloud security solutions.
Other report results included:
Healthcare and finance organizations respectively protected 100 percent of all electronic protected health information (ePHI) and personally identifiable information (PII).
Latin America topped all regions with 100 percent of protection efforts centered on encryption, while North America, Europe and Asia-Pacific deployed encryption by 85 percent, 78 percent and 50 percent margins.
32 percent of organizations named unprotected data in the cloud as a primary concern.
“Organizations are harnessing cloud computing to more effectively compete in the global economy with faster time to market and cost efficiencies,” CipherCloud CEO Pravin Kothari said in a prepared statement. “At the same time, the head winds of privacy legislation in North America, Europe, South America and Asia Pacific make the case for data-centric protections in the cloud.”
4. Kreditech investigates data breach
Consumer finance startup Kreditech has begun investigating a data breach after hackers published thousands of applicants’ personal and financial information online, according to KrebsOnSecurity.
Anna Friedrich, Kreditech’s head of communications, pointed out that customer data was not stolen; however, applicant information may have been leaked by one of the company’s employees.
“This incident stemmed from a form on our website that was [storing] data in a caching system that deleted data every few days,” she added. “What happened was that a subset of application data was affected.”
About the Author(s)
You May Also Like
AWS re:Invent Partner, Vendor News: Cisco, Salesforce, MoreDec 01, 2023
People on the Move: Comcast, Cisco, NICE, TPx, Barracuda, MoreNov 29, 2023
AWS re:Invent 2023 Partner News: Marketplace, Salesforce, Certs, MoreNov 29, 2023
AWS re:Invent Expo: VMware, Snyk, HPE, More Showcase Cloud, Security, AINov 28, 2023