Post AZiPyfbZ1bHFrqBliK by AkaSci@fosstodon.org
(DIR) Post #AZgo4judvmCLY5cVYe by AkaSci@fosstodon.org
2023-09-12T02:24:57Z
0 likes, 0 repeats
arXiv, the open-access repository of electronic preprints and postprints, is experiencing a DDOS attack. Over a million email change requests were received from 200 IP addresses in China, overwhelming the arXiv email service. Browsing and submitting papers on arXiv are not affected. Daily emails, new account registrations, and legitimate email address changes are all impacted by this disruption. What would be the motivation? https://blog.arxiv.org/2023/09/11/arxiv-org-is-experiencing-a-ddos-attack/ #arXiv #ddos
(DIR) Post #AZgo4lCP9E03XSwCsi by wauz@mastodon.bayern
2023-09-12T11:25:15Z
0 likes, 0 repeats
@AkaSci The use of IP addresses from China doesn't necessarily say that the aggressors are Chinese. All over the world, computers are vulnerable. If you can have a botnet in the USA, or Germany, you can also have one in China. @realmurphy
(DIR) Post #AZgr4EMbWrfBZ19Dk0 by jt_rebelo@masto.pt
2023-09-12T11:58:44Z
0 likes, 0 repeats
@wauz I agree, but it is moderately possible they are. Given the recent attacks on the Laurentian University, and the Charcoal Typhoon/Bronze University attacks, there's certainly a state (CCP)-sponsored attack several on learning, knowledge and IP platforms online. @AkaSci @realmurphy
(DIR) Post #AZgrNYNlKAQ79Wu3s0 by wauz@mastodon.bayern
2023-09-12T12:02:17Z
0 likes, 0 repeats
@jt_rebelo What makes 'certainly' certain? After all, there are 'stakeholders' like Elsevier that clearly don't like platforms open to everybody. @AkaSci @realmurphy
(DIR) Post #AZgru1ei1R47D1JWG8 by jt_rebelo@masto.pt
2023-09-12T12:08:08Z
0 likes, 0 repeats
@wauz several network and security researchers and companies saying it. As much as I distrust Microsoft, for example, I have a modicum of respect for SecureWorks, Recorded Future (Insikt Group Research) and several others. China (and other countries, of course) have several APT groups and the state hasn't done anything to stop them (they won't even recognise they exist, Chengdu is almost a safe haven and several contractors allegedly have ties to the local universities). @AkaSci @realmurphy
(DIR) Post #AZgvj4NVxV0mHhIoPg by realmurphy@social.linux.pizza
2023-09-12T12:50:59Z
0 likes, 0 repeats
@wauz @AkaSci "The use of IP addresses from China doesn't necessarily say that the aggressors are Chinese" True, and nowhere in the toot nor the linked blog post is this asserted, isn't it? Thus, going via the abuse system may hopefully help a bit, but then I do have my doubts...
(DIR) Post #AZgwNv29bdzPAxn1Hs by wauz@mastodon.bayern
2023-09-12T12:58:21Z
0 likes, 0 repeats
@realmurphy Well, the question was about motivation for the attack. Experience is that business and crime are about money. Therefore I recommend a wide look. @AkaSci
(DIR) Post #AZiPyb8LeHWy04UNcW by AkaSci@fosstodon.org
2023-09-12T11:29:20Z
0 likes, 0 repeats
A search for "arxiv ddos" produces hundreds of papers on DDoS and DDoS mitigation. How many of these are practical and useful and how many of these are implemented by ISPs? https://www.google.com/search?q=arxiv+ddos&sca_esv=564661802&hl=en&sxsrf=AB5stBjwJWXXDQjeAjmKos23xxcq7yRnbQ%3A1694518049914&source=hp&ei=IUsAZdL7NOagur8Ph8W6qA8&iflsig=AD69kcEAAAAAZQBZMZ5TbNkRRmU2K_5GeS3GkTRWgsCo&ved=0ahUKEwiSkLbT-6SBAxVmkO4BHYeiDvUQ4dUDCAo&uact=5&oq=arxiv+ddos&gs_lp=Egdnd3Mtd2l6IgphcnhpdiBkZG9zMgQQIxgnMggQABiKBRiGAzIIEAAYigUYhgMyCBAAGIoFGIYDMggQABiKBRiGA0jcEFAAWL0PcAB4AJABAJgBsgGgAf4LqgEEMC4xMLgBA8gBAPgBAcICBxAjGIoFGCfCAhQQLhiKBRixAxiDARjHARjRAxiRAsICCBAAGIoFGJECwgILEC4YigUYsQMYgwHCAgsQABiABBixAxiDAcICCxAAGIoFGLEDGIMBwgIREC4YgAQYsQMYgwEYxwEY0QPCAgcQABiKBRhDwgINEC4YigUYxwEY0QMYQ8ICCBAuGIAEGLEDwgINEAAYigUYsQMYgwEYQ8ICDhAAGIoFGLEDGIMBGJECwgIKEAAYgAQYFBiHAsICCBAAGIAEGLEDwgIREC4YigUYsQMYgwEYxwEYrwHCAgUQABiABMICBhAAGBYYHg&sclient=gws-wiz @joxean @jt_rebelo #ddos #arxiv #cyberSecurity 2/n
(DIR) Post #AZiPyfbZ1bHFrqBliK by AkaSci@fosstodon.org
2023-09-12T11:55:13Z
0 likes, 0 repeats
Other notable recent cyberattacks on the science community - Aug 1, 2023 - Cyberattack on NSF’s NOIRLab forced the suspension of astronomical observations and computer systems at the Gemini North observatory in Hawai‘i and a number of remotely controlled telescopes in Chile. Recovery still in progress. https://noirlab.edu/public/announcements/ann23022/ Image source: https://noirlab.edu/public/images/iotw2331a/ #Astronomy #CyberSecurity #NOIRLab 3/n
(DIR) Post #AZiPyjZEIDmq9l7xdA by AkaSci@fosstodon.org
2023-09-12T12:04:25Z
0 likes, 0 repeats
Other notable recent cyberattacks on the science community - Oct 29, 2022 - a cyberattack on the Atacama Large Millimeter/submillimeter Array (ALMA) computer systems forced the suspension of astronomical observations and the public website. Took 48 days to restore services. https://public.nrao.edu/news/alma-services-affected-by-cyberattack/ https://public.nrao.edu/news/alma-successfully-restarted-observations/ #Astronomy #CyberSecurity #ALMA 4/n
(DIR) Post #AZiPynsWGRarWkBQFk by AkaSci@fosstodon.org
2023-09-12T12:28:36Z
1 likes, 0 repeats
February 24, 2022, the day Russia invaded Ukraine - Russian hackers infiltrated satellite ISP Viasat's internal network. The attack took 40,000 to 45,000 customer satellite modems offline in Europe, many located in Ukraine, thousands of which were "bricked." The NSA attributed the hack to Russian actors which led to sanctions from the US and Europe. https://en.wikipedia.org/wiki/Viasat_hack https://news.viasat.com/blog/corporate/ka-sat-network-cyber-attack-overview https://therecord.media/viasat-hack-was-two-incidents-and-resulted-in-sanctions https://www.wired.com/story/viasat-internet-hack-ukraine-russia/ #CyberSecurity #Viasat 5/n