IT Security Stories to Watch: Did China Launch GitHub DDoS Attack?

U.S. coding website GitHub last week experienced the largest distributed denial-of-service (DDoS) attack in its history. And as a result, GitHub topped this week's list of IT security newsmakers, followed by INTERPOL, CipherCloud and Kreditech. Here are four IT security stories to watch during the week of March 30.

Dan Kobialka, Contributing writer

March 31, 2015

3 Min Read
IT Security Stories to Watch: Did China Launch GitHub DDoS Attack?

U.S. coding website GitHub last week experienced the largest distributed denial-of-service (DDoS) attack in its history.

And as a result, GitHub topped this week’s list of IT security newsmakers, followed by INTERPOL, CipherCloud and Kreditech.

What can managed service providers (MSPs) and their customers learn from these IT security newsmakers? Check out this week’s list of IT security stories to watch to find out:

1. GitHub suffers DDoS attack

U.S. developer site GitHub recently experienced outages due to a DDoS attack that lasted several days.

The Wall Street Journal reported that the DDoS attack brought excessive traffic from overseas users of Chinese search provider Baidu to GitHub, which shut down GitHub’s website at times.

GitHub added that the incident was the result of “a wide combination of attack vectors.”

We are completely focused on mitigating this attack. Our top priority is making sure github.com is available to all our users while deflecting malicious traffic,” GitHub wrote in a blog post.

2. INTERPOL discovers threat to virtual transactions

INTERPOL cyber threat researchers have identified an issue that could cause malware or other illegal data to be embedded in virtual transactions.

Noboru Nakatani, executive director of the INTERPOL Global Complex for Innovation (IGCI), said cyber attackers potentially could use the threat to launch zero-day attacks.

“Having identified this threat, it is now important for INTERPOL to spread awareness amongst the public and law enforcement, as well as encourage support from communities working in this field to find solutions,” Nakatani said in a prepared statement.

3. CipherCloud: Most enterprises prefer data encryption for cloud security

A new CipherCloud study revealed 64 percent of Global 2000 organizations identified cloud data security audit/compliance/privacy as a top challenge in the first quarter of 2015.

CipherCloud’s “Global Cloud Data Security Report” also showed that data encryption (81 percent) led tokenization (19 percent) among enterprises that have deployed cloud security solutions.

Other report results included:

  • Healthcare and finance organizations respectively protected 100 percent of all electronic protected health information (ePHI) and personally identifiable information (PII).

  • Latin America topped all regions with 100 percent of protection efforts centered on encryption, while North America, Europe and Asia-Pacific deployed encryption by 85 percent, 78 percent and 50 percent margins.

  • 32 percent of organizations named unprotected data in the cloud as a primary concern.

“Organizations are harnessing cloud computing to more effectively compete in the global economy with faster time to market and cost efficiencies,” CipherCloud CEO Pravin Kothari said in a prepared statement. “At the same time, the head winds of privacy legislation in North America, Europe, South America and Asia Pacific make the case for data-centric protections in the cloud.”

4. Kreditech investigates data breach

Consumer finance startup Kreditech has begun investigating a data breach after hackers published thousands of applicants’ personal and financial information online, according to KrebsOnSecurity

Anna Friedrich, Kreditech’s head of communications, pointed out that customer data was not stolen; however, applicant information may have been leaked by one of the company’s employees.

“This incident stemmed from a form on our website that was [storing] data in a caching system that deleted data every few days,” she added. “What happened was that a subset of application data was affected.”

What do you think will be the biggest IT security stories for MSPs this week? Share your thoughts in the Comments section below, via Twitter @dkobialka or email me at [email protected].

About the Author

Dan Kobialka

Contributing writer, Penton Technology

Dan Kobialka is a contributing writer for MSPmentor and Talkin' Cloud. In the past, he has produced content for numerous print and online publications, including the Boston Business Journal, Boston Herald and Patch.com. Dan holds a M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State College (now Bridgewater State University). In his free time, Kobialka enjoys jogging, traveling, playing sports, touring breweries and watching football (Go Patriots!).  

Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like