Petya/NotPetya: Ransomware Attacks in a New Form, but is it Ransomware?

By Yohai Einav, Principal Security Researcher

Petya

Posted on July 26, 2017 in: Security

Tags: ,

Ransomware has changed a lot since it was introduced back in 1989 by Dr. Joseph Popp, where 20,000 floppy disks were distributed via snail mail. The malware hid files on a victim’s hard drive and encrypted only the file names, rather than the entire files themselves. As one might assume, the entire remediation process was manual, rather than digital. Popp’s program asked victims to print the ransom note and send $189 to a bank in Panama. When he was caught, he was determined unfit to stand trial. All the money he obtained was donated to AIDS research.

Read more

Petya Runs Wild

By Bruce Van Nice, Director, Product Marketing

mountain-line-in-snow

Posted on June 30, 2017 in: Security

Tags:

As has been widely reported, a new ransomware known as ‘petya’ (also being referred to as `notpetya` or `petwrap` in the research community) started circulating on the internet earlier this week. It appears the attacks started in Eastern Europe and caused widespread damage around the globe.

Read more

Why You Should Care About DNS Latency

By Dean McDonald, Senior Director, Sales Engineering, Asia Pacific

turtle walking slowly

Posted on June 28, 2017 in: Network

Tags:

The term latency is used a lot in networking and most commonly refers to how long it takes a packet to reach a destination and come back again. The most common tools for measuring network latency are ping and traceroute, but there are more. When I speak to operators around Asia Pacific about DNS though, it’s interesting to hear that latency is not often used when benchmarking or measuring their DNS service quality.

Read more

The Importance of DNS in Security – Part 2

By Dean McDonald, Senior Director, Sales Engineering, Asia Pacific

Iron Bars

Posted on June 20, 2017 in: Security

Tags:

In my last blog post, part 1 of this series, I discussed the important role DNS plays in protecting service provider networks from DNS amplification attacks, and the necessity of not only blocking malicious queries but also of not blocking good queries. In this post, I’ll look at Pseudo-Random Subdomain (PRSD) attacks and other malware (like phishing and ransomware), showing why DNS is perfectly suited to protect both networks and subscribers.

Read more

The Importance of DNS in Security – Part 1

By Dean McDonald, Senior Director, Sales Engineering, Asia Pacific

Posted on June 13, 2017 in: Security

Tags: , ,

The importance of the DNS security protocol in general is widely understood, particularly in today’s overall security landscape. Anyone who currently manages (or has managed) caching/recursive or authoritative DNS servers knows the pain it causes when they go down. It’s bad. Without available DNS there is no internet, at least no usable internet. Generally, most, if not all applications today rely on DNS to locate resources somewhere on the internet to function. Additionally, said apps are becoming more and more reliant on the DNS.

Read more

Delivering a Safe, Reliable Internet to Canadians

By Mark Gaudet, Manager of Business Development, CIRA

Canadian Flag

Posted on May 31, 2017 in: Network, Security

Tags:

The Domain Name System – the DNS – is the foundation of the internet. Beyond connecting IP addresses with web requests, DNS provides the basis for both the detection of and protection from global cyberthreats before they reach an organization’s corporate network resources —particularly given that more than 90% of malware uses DNS for command and control. This presents a tremendous opportunity for service providers to utilize their DNS infrastructure to provide security services to their business customers, which have a tremendous need for stronger, more proactive cyber protection.

Read more

Security as a Service for SMBs: How ISPs can Fill a Rapidly Growing Need

By Arlen Frew, GM, Security & Applications

smb-security-as-service-blog

Posted on May 24, 2017 in: Security

Tags: , , ,

With cyberattacks affecting SMBs at an alarming rate, business owners are challenged with putting strong enough security in place to protect them from the average $20,000 price tag per incident. Ransomware in particular has hit the SMB sector hard. As stated in a recent study by Arctic Wolf Networks, last year saw a 433% increase in ransomware attacks against SMBs1 – a number that is expected to grow.

Read more

Taking a Defense in Depth Approach to Ransomware

By Craig Sprosts, vice president, product management

Ransomeware

Posted on May 15, 2017 in: Security

Tags:

By now you’ve most likely heard about the WannaCry (a.k.a. WannaCrypt) ransomware that began wreaking havoc in parts of the world this past Friday (May 12, 2017). Given Nominum’s broad, deep view into DNS data from our service provider customers around the world, we were able to gather insights into how WannaCry made its way onto subscriber networks around the globe (see the WannaCry: views from the DNS frontline in our Data Science blog for more thoughts). Reports show that the latest ransomware attack has infected more than 230,000 computers in over 150 countries.1 For now we are seeing the outbreak slow down, but some expect this is just the first of more similar attacks to come.2

Read more

From “New Core Domains” to “Zero-day Attacks”

By Yohai Einav, Principal Security Researcher

New Core Domains

Posted on May 9, 2017 in: Security

Tags: ,

Excerpted from Nominum Spring 2017 Security Report

In late April, we released the Nominum Spring 2017 Security Report, the latest report on our security research team’s DNS and HTTP analysis which provides a comprehensive view of the current cyberthreat landscape. In the report we take a look at “new core domains” and how they help us identify “zero-day attacks” so we can take steps mitigate them.

Read more

1 2 3 4 12