US-CERT is aware of public reports of ongoing distributed denial-of-service attacks against entities in the government and private sector. According to the reports, these attacks are being attributed to the hacker group Anonymous.
US-CERT encourages users and administrators to do the following to reduce the risk associated with this and other malware campaigns:
- Do not open attachments in email messages from unknown sources.
- Install anti-virus software and keep virus signatures files up to date.
- Refer to the Recognizing and Avoiding Email Scams (pdf) document for more information on avoiding email scams.
- Refer to the Avoiding Social Engineering and Phishing Attacks document for information on social engineering attacks.
- Refer to the Recovering from Viruses, Worms, and Trojan Horses document for additional information on how to recover from malware.
- Refer to the Continuing Denial of Service Threats Posed by DNS recursion (v2.0) (pdf) document and Understanding Denial-of-Service Attacks document for additional information on denial-of-service attacks.
US-CERT will provide additional information as it becomes available.