“If you don’t plan, when you do actually have an event your response time and general reaction will be much more chaotic, and you’ll have a much harder time defending against and mitigating a DDoS attack,” Swearingen said in an interview.

Swearingen identifies five basic areas of coverage for a good plan including:

• defining identity triggers
• list procedures and personnel in case of an attack
• who and when to bring in outside help
• a template for communication to customers
• perform simulated attacks where the plan can be practiced

Visitors to InfragardAtlanta.org were last Friday met with a non-English language video and the message “Let it flow you stupid FBI battleships,” CNET said.

Passwords from what seemed to be federal agencies such as the FBI, FAA, USDA and the Nuclear Regulatory Commission were released online. LulzSec said the leaked logins were from agencies affiliated with the FBI in “some way.”

“Most of them reuse their passwords in other places, which is heavily frowned upon in the FIB/Infragard handbook and generally everywhere else too,” the group said in a statement obtained by CNET.

LulzSec said it hacked the website in retaliation of news that the Obama administration will classify cyber attacks as acts of war.

The hackers also released emails of an InfraGard member, Karim Hijazi, chief executive of Unveillance, who said the hackers had threatened to go public with his data if he did not provide information his firm collects from customers about breached  computers and command-and-control servers used to neutralize botnets.

“In spite of these threats, I refused to pay off LulzSec or to supply them with access to this sensitive botnet information,” he said in a statement posted on the company’s website. “Had we agreed to provide this data to them, LulzSec would have been able to grow the size and scope of their DDoS (distributed denial-of-service) attack and fraud capabilities.”

Birgun.net has been the target of similar attacks in the past and is now working on determining the source and on preventing more attacks.

“We encounter this situation only one day after tens of thousands of people took the street [to call] for a free Internet,” site administrators said. “We apologize to our readers for this inconvenience. We kindly inform the public that this attack will not make us take back a single step from our path.”

Vancouver Sun said the Victoria-based ISP tweeted it had suffered a distributed denial-of-service attack Wednesday morning.

The attack took down Island Net’s website and impacted its customers as well, including Thrifty Foods, Smoking Lily  and Cangeneology.

Describing the onslaught of attacks, Islandnet owner Mark Morley told Goldstream News Gazette, “It was like playing Whac-a-Mole for a while, every time we blocked one another would pop up.”

Ed Amoroso, AT&T

Changing law that would demand industry to share more cybersecurity information among companies will not lead to more secure networks, according to AT&T Chief Security Officer Ed Amoroso.

When there is talk about information sharing, it sounds great, “like saying you should love your mom and eat apple pie,” Amoroso said at yesterday’s Potomac Institute for Policy Studies symposium in Washington, D.C., according to FierceGovernmentIT.

However, AT&T views the network security measures it takes as a comparative advantage over competitors. For example, Amoroso mentioned that a team he manages blocks attack signatures against iPhones.

“Should I share that information with Verizon? The answer is ‘Curse word, no, period,’” he said. “Let them go figure it out on their own. Is that what Gen. Alexander wants to hear? No.”

AT&T would not invest to the degree it has on blocking those attack signatures, Amoroso said, if it knew from the beginning it had to share that information with market rivals, he added.

Amoroso also said the federal initiative to slash Trusted Internet Connections has resulted in federal agencies becoming more exposed to distributed denial-of-service attacks as there are fewer connections to overwhelm with malicious traffic.

The cyber attack, which prevented tens of thousands of users from accessing RNW’s online news and feature services, demonstrates how vulnerable new media can be, said Radio Netherlands Worldwide’s Managing Director Jan Hoek.

“RNW is an international organization and free speech is of the utmost importance to us,” he said in a release on the RNW website. “Luckily, we’re still able to reach most of our worldwide audience with independent information through our 3,000 media partners.”

It is unclear who is behind the attack, which follows only days after Dutch Rabobank was hit by a similar assault.

RNW has websites in 10 languages, including Dutch, English, Spanish, Arabic and Indonesian.

Addressing the Iranian people, a post on AnonNews.org noted how “an era of change is sweeping the world,” and workers everywhere are taking their place to lead and control their destiny.

“The people of Iran have the admiration of Anonymous, and the entire world,” the release said. “We can see that Iran still suffers at the hands of those in power. Your former government has seized control, and tries to silence you. People of Iran – your rights belong to you. You have the right to free speech and free press, the freedom to assemble and to be safe in your person. You have the right to live free and without fear.”

Coinciding with International Workers’ Day, the DDoS attacks were launched 5 a.m. GMT and targeted more than a dozen Iranian government sites, including those of the Office of the Supreme Leader, state police and the Islamic Revolutionary Guards, according to SC Magazine.

Change.org founder Ben Rattray asked the U.S. State Department to condemn the “highly sophisticated” attacks, which he said began after the website’s petitioned to free Ai WeiWei, an artist and outspoken critic of the Chinese government.

The site was hit by an onslaught of distributed denial-of-service attacks, and now 99 percent of the traffic flooding into the site is “bad traffic,” Rattray said.

“It’s one thing for elements of the Chinese government to block access to our site to residents in China,” he told The Examiner. “But it’s quite another thing to launch an assault that prohibits people in other countries from a fundamental right to organize.”

The site has also asked the FBI to investigate the attacks, but the agency has not taken any discernible action, Rattray said.

SiteProtect allows customers’ web infrastructure to operate normally under attack, thus avoiding downtime and the associated loss of potential revenue. Combined with Neustar UltraDNS, SiteProtect provides customers with strong protection bundles that provide security for both domain name system and web traffic.

When a DDoS attack hits, SiteProtect is activated via a simple DNS change in the UltraDNS Management Portal, which can also be accessed through a mobile application. The customers’ traffic is routed to the cloud-based traffic scrubbing centers, where legitimate traffic is forwarded on while the attack traffic is contained. SiteProtect only charges a per-incident fee beyond the monthly subscription and does not charge based on the size of an attack.

“The problem with other approaches to DDoS protection is that the network needs to take a hit before mitigation is started,” said Rick Rumbarger, senior director, product management, Neustar Internet Infrastructure Services. “With SiteProtect, the brunt of the attack is immediately shifted away from the client infrastructure and directed to our mitigation cloud service. By moving this service to the cloud, customers no longer have to buy and maintain large capacity infrastructure with its resulting capex expenses.”

Cybersecurity company AhnLab confirmed the websites had been hit by DDoS attacks and estimated that up to 11,000 personal computers had been infected by malware and recruited for the attack, according to BBC News.

The New York Times reported a South Korean government official said there had been “no major damage at all” to computer systems at the Blue House, adding, “We were attacked, but it was defended.”

The motive and origin of the cyber attack are unknown, UPI said, and the National Police Agency said it is investigating the incident.