Security Update: Record DDoS Attack Mitigated, But More Are on the Way

Each week, ChannelE2E brings you the top cybersecurity insights from our affiliate site MSSP Alert, because we know that managed service providers need to stay on top of trends in cybersecurity.

This week, we examined the rise in DDoS attacks, including a massive one thwarted by Cloudflare, and looked at 11 of the biggest cyberattacks 2024 has seen (so far). AI is now a staple feature in phishing kits delivered to attackers, and Typhoons are posing a major threat to large enterprises, as evidenced by China's Salt Typhoon and its attack on AT&T and Verizon. Finally, learn more about how you can benchmark your MSSP's security services pricing. We want to hear from you! Here's our roundup.

  • Record DDoS Attack Mitigated, But More Are on the Way
  • Unlocking Industry Secrets: Join Top MSSPs in MSSP Alert’s Benchmark Pricing Survey
  • AI Now a Staple in Phishing Kits Sold to Hackers
  • 11 Big Cyberattacks in 2024 So Far
  • China-Backed Salt Typhoon Hack Into AT&T, Verizon Networks

Record DDoS Attack Mitigated, But More Are on the Way

Cloudflare warded off a month-long hacking campaign that launched more than 100 distributed denial-of-service (DDoS) attacks, with the largest one reaching a record peak.

The L3/L4 DDoS attacks, which spanned the month of September and targeted multiple unnamed Cloudflare customers in such sectors as financial services, the internet, and telecommunications, at one point hit a record 3.8 terabits per second (Tbps) and 2.14 billion packets per second (Pps).

The 3.8 Tbps reached in the volumetric DDoS attack – one that overwhelms a website’s network with traffic to the point that legitimate traffic can’t get through, making it impossible for the site to do business – was more than the attack Microsoft detected in late 2021, which reached a then-record-setting peak of 3.47 Tbps and a packet rate of 340 Pps.

Many of the other attacks exceeded 3 Tbps and 2 billion Pps.

Unlocking Industry Secrets: Join Top MSSPs in MSSP Alert’s Benchmark Pricing Survey

The MSSP market is more like the Wild West when it comes to guidance and help on stack building and pricing, confirms Rick Murphy, a partner at Cogent Growth Partners, who added that MSSP Alert is well positioned to provide information and support to MSSPs in this area.

To guide its community of MSSPs with insights to help with setting pricing for their services, MSSP Alert recently launched this first-of-its-kind Benchmark Pricing Survey for MSSPs.

Many MSSP 250 companies have already participated in this important research because they recognize the value it brings to their businesses and to the industry as a whole.

AI Now a Staple in Phishing Kits Sold to Hackers

A growing number of phishing toolkits available on the dark web are offering access to AI technologies, part of a larger trend in the cybercrime world of making it easier for even lesser-skilled bad actors to launch sophisticated attacks, according to Egress Software.

About 82% of phishing toolkits that Egress researchers found being advertised on forums and other parts of the dark web marketplace mentioned deepfakes and 74.8% referenced AI, according to a recent report by the software maker on the state of phishing.

One such toolkit illustrated in the Phishing Threat Trends Report was being offered for $300 and included a feature that said the buyer could generate a deepfake in five minutes. It’s an example of how such powerful technologies can be had fairly cheaply by hackers.

11 Big Cyberattacks in 2024 So Far

The ransomware attack on Change Healthcare in February that exposed more than 100 million records and caused widespread disruption of the U.S. healthcare system was the most significant data breach in the first half of the year, according to a recent report by Kiteworks.

The attack, in which an affiliate of the ransomware group BlackCat/ALPHV stole 4TB of data, highlighted once again that healthcare systems in the United States and elsewhere continue to be a top target of ransomware and other threat groups, according to the company, which specializes in secure email communication and last month raised $456 million to raise its valuation to $1 billion.

In fact, five of the top 11 data breaches listed in Kiteworks’ “Top 11 Data Breaches in 1H 2024 Report” were in the healthcare industry, ranging from companies like Change, which is a subsidiary of UnitedHealth Group, to healthcare consortium Kaiser Permanente, UK blood test management company Synnovis, and Australian prescription delivery service MediSecure.

Other industries represented on the list include telecommunications and financial services. Others involve breaches of third parties.

China-Backed Salt Typhoon Hack Into AT&T, Verizon Networks

Details of the work of the Chinese state-sponsored threat group Salt Typhoon, first discovered late last month targeting U.S. internet service providers (ISPs), are becoming clearer.

According to a report this week in the Wall Street Journal, the advanced persistent threat (APT) attackers breached the networks of such major broadband providers as AT&T and Verizon possibly by compromising systems used by law enforcement agencies for lawful wiretapping and other activities.

Citing unnamed sources, the news outlet said Salt Typhoon – also known as GhostEmperor and FamousSparrow – also infiltrated Lumen Technologies’ networks and targeted some organizations outside of the United States, according to the WSJ and Washington Post.

The goal of the threat group, which is believed to be part of the Chinese government’s foreign spy service – the Ministry of State Security – appears to be to gather information, possibly about Chinese nationals that the U.S. government may be targeting for surveillance. The hackers for months may have had access to the “network infrastructures used to cooperate with lawful U.S. requests for communications data, according to people familiar with the matter, which amounts to a major national security risk,” sources told the WSJ.
