What's new

Massive DDOS attack targeting Pakistan's Infrastructure.

Status
Not open for further replies.
Splurgenxs said:
I guess they forgot to put this

recaptcha_form.png
Click to expand...
Captha has another rpurpose it's not there to stop ddos attacks.
 
.
Dalit said:
I could write whole thesis on the subject. Cyber security really sucks. Pakistan really needs to up its cyber security.

Pakistan needs to understand one thing very clearly. It has many enemies and some sit very close to our borders. These people will use all avenues at their disposal to attack. The state needs to wake up and start acting like it is living in this century. Cyber security is a must.
Click to expand...

100% agree, Pakistan's residential and commercial users are is still using DLink routers which haven't been patched for the uPNP exploit:
1631996542800.png


Example of a NAT Upnp injection script utilised against Pakistani routers previously:
1631996686511.png


Weaponised Urdu Font on a word document:
1631996749004.png

Filename:EOI-Application_Form.inp md5:d9279f628c9f19420f14edf3cfc3123f c2:officeupdater[.]org

Weaponised Word Document using InPage exploit:
1631996791085.png

1631996810679.png


And to top it all off our National Cyber Crime centre's website is still using HTTP protocol.
1631996874610.png
 

Attachments

  • 1631996560252.png
    1631996560252.png
    79.3 KB · Views: 34
. .
RescueRanger said:
100% agree, Pakistan's residential and commercial users are is still using DLink routers which haven't been patched for the uPNP exploit:
View attachment 778792

Example of a NAT Upnp injection script utilised against Pakistani routers previously:
View attachment 778794

Weaponised Urdu Font on a word document:
View attachment 778795
Filename:EOI-Application_Form.inp md5:d9279f628c9f19420f14edf3cfc3123f c2:officeupdater[.]org

Weaponised Word Document using InPage exploit:
View attachment 778797
View attachment 778798

And to top it all off our National Cyber Crime centre's website is still using HTTP protocol.
View attachment 778799
Click to expand...
That http thing is a true irony wonder what USA imported advisors are doing about it for ik.
 
.
doorstar said:
I was gonna ask him about the relationship between a DDoS attack (by flooding a server) and captcha (to separate a human from a machine) but the I saw recueranger the op who is also a think tank consultant liking this absurd post so I said never-mind this is PDF where anything is possible
Click to expand...

A captcha prevents an attacker from performing more database-intensive operations that may cause a DoS via CPU or memory exhaustion.

ieeexplore.ieee.org

Handling System Overload Resulting from DDoS Attacks and Flash Crowd Events

This paper presents a system that provides mitigation for DDoS attacks as a service, and is capable of handling flash crowd events at the same time. Providing DDoS protection as a service represents an important solution especially for Websites that have limited resources with no infrastructure...
ieeexplore.ieee.org
 
. .
RescueRanger said:
A captcha prevents an attacker from performing more database-intensive operations that may cause a DoS via CPU or memory exhaustion.

ieeexplore.ieee.org

Handling System Overload Resulting from DDoS Attacks and Flash Crowd Events

This paper presents a system that provides mitigation for DDoS attacks as a service, and is capable of handling flash crowd events at the same time. Providing DDoS protection as a service represents an important solution especially for Websites that have limited resources with no infrastructure...
ieeexplore.ieee.org
Click to expand...

I heard Cloudflare offers good anti-DDOS services. Well, Load balancing is another great factor to consider against such attacks. I mean hiring DDOS services on the Dark web is easily doable.
 
.
RescueRanger said:
A captcha prevents an attacker from performing more database-intensive operations that may cause a DoS via CPU or memory exhaustion.

ieeexplore.ieee.org

Handling System Overload Resulting from DDoS Attacks and Flash Crowd Events

This paper presents a system that provides mitigation for DDoS attacks as a service, and is capable of handling flash crowd events at the same time. Providing DDoS protection as a service represents an important solution especially for Websites that have limited resources with no infrastructure...
ieeexplore.ieee.org
Click to expand...
thanks, post deleted.
 
.
I dont think Pakistan is even ready for a cyber attack. This is a new frontier of war. Our enemy is very focused on us. Disinformation, terror, investing in 5th columnists. I dont think we dont even appreciate this whole range of weapons India has deployed against Pakistan.
 
.
HttpError said:
I heard Cloudflare offers good anti-DDOS services. Well, Load balancing is another great factor to consider against such attacks. I mean hiring DDOS services on the Dark web is easily doable.
Click to expand...

The problem is that the majority of people hired as infosec managers hired by entities vulnerable to attack are just a warm body cashing in their monthly pay-cheque.
 
. .
RescueRanger said:
The problem is that the majority of people hired as infosec managers hired by entities vulnerable to attack are just a warm body cashing in their monthly pay-cheque.
Click to expand...

This is what happens when you appoint People who were born in 60's as the head of IT and Sarkari Babus who know have 0 knowledge or experience about such technologies. Most of them who know have already moved abroad, as such skills are highly desirable or remaining ones are working in private sectors already planning to go abroad.
 
.
HttpError said:
This is what happens when you appoint People who were born in 60's as the head of IT and Sarkari Babus who know have 0 knowledge of experience about such technologies. Most of them who know have already moved abroad as such skills are highly desirable or remaining ones are working in private sectors already planning to go abroad.
Click to expand...

Yes I agree, there are some very good people in Pakistan, some of them have published research in peer reviewed journals, but as always no respect for human capital, and then people cry about "brain drain" and "overseas Pakistani". How about you start respecting your indigenous talent and nurturing them, then they wouldn't have to leave.

There was a time Rakuten came to Pakistan to take our best and brightest in the IT sector to Japan, what did the government do to reduce the human capital flight? Nothing!
 
.
research paper, theory blah blah wouldnt help. To stop this one must have real time experience dealing the attacks then he have knowledge how to stop this.
 
. .
Status
Not open for further replies.

Similar threads

A
  • Article
Maersk plans a $2 billion investment in Pakistan's port and transportation infrastructure, boosting development.
Replies
0
Views
358
Akbar26
A
B
Bangladesh hacktivists target critical infrastructure in India, Israel, and Australia
Replies
0
Views
499
Black_cats
B
ghazi52
International Monetary Fund (IMF) to Pakistan .. Updates
Replies
9
Views
938
ghazi52
ghazi52
H
  • Article
Russia approves $5 billion, 1,040km gas pipeline to boost Pakistan's natural gas consumption
Replies
1
Views
316
AbdulQadir7
A
ghazi52
Buna-Raast: PM Shehbaz launches project to facilitate remittances from Arab countries
Replies
0
Views
246
ghazi52
ghazi52

Latest posts

Pakistan Defence Latest Posts

Pakistan Affairs Latest Posts

Military Forum Latest Posts

Country Latest Posts

Back
Top Bottom