|The United States is investigating cyberattacks that led to widespread online disruption across the US and Europe a few days ago. The DHS has launched an investigation into the DDoS attack, which took offline some of the most popular websites: Netflix, Twitter, Spotify, Reddit, CNN, PayPal, Pinterest, Fox News, the Guardian, the New York Times and the Wall Street Journal. No one has yet claimed responsibility for the intrusions.
According to security specialists, the attacks seemed to have been focused on Dyn – a company running the DNS. Amazon also reported multiple-hours outage, but it is unclear whether these outages are connected. Dyn became aware of the attack shortly after it started, and began monitoring and mitigating it. A second attack was confirmed in a few hours, and then a third one later that day.
It must be said that DDoS attacks are becoming increasingly common. For example, the “source code” to the Mirai botnet (network of devices infected with self-propagating malware) has been recently released by a hacker group, which could lead to the situation where the worldwide web is flooded with attacks from other botnets powered by insecure routers, IP cameras, digital video recorders and other vulnerable devices. This is why the recent attack was attributed to malware based on the Mirai source code.
Dyn announced that it was still trying to find out how the attack led to the outage, while Gizmodo revealed that another wave of attacks was affecting the West Coast of the US and Europe. Although it was unclear how the two attacks were related, the outages were too similar to deny connections between them.
Cybersecurity experts say that the relative ease at which DDoS attacks are to execute allows to suggest that the perpetrators are most likely teenagers who want to cause mischief rather than state-sponsored attackers. At the same time, the attacks underline the flaws in the DNS, which is an ageing technology the industry is struggling to update. Other vulnerabilities are one-factor authentication (password-only security) and unencrypted web connections.
Other security experts suggested that major Internet infrastructure companies had experienced significant DDoS attacks that looked like the hackers were trying to test their systems for weaknesses.
Monday, October 24th, 2016
|It Was Professor Plum in the Library with a Candlestick|
|go Happy bears ha.|
|Everybody has to keep practicing so when it counts they will be up to the task.||
Most Popular Stories