A month ago, security guru Bruce Schneier wrote that someone, probably a country, had been testing increasing levels of denial-of-service attacks against unnamed core internet infrastructure providers in what seemed like a test of capability.
Advertisement
However, security experts have been warning for year that the ever-widening number of devices being connected online could lead to breaches and online attacks. Dyn, based in New Hampshire, said the attack began shortly after 12pm BST.
Meanwhile not much is required in the way of resources or skill to mount a botnet attack, he said, adding that would-be attackers can rent botnets for as little as $100.
According to Flashpoint, a cybersecurity firm, the hackers used malware called Mirai, which takes over unsuspecting people’s web-connected devices and turns them into a network that can be used in a cyberattack. Those requests look legitimate, so it’s hard for Dyn’s systems to screen them out from normal domain name lookup requests. A botnet is formed of personal computers in homes or offices infected with malicious code which, upon the request of a hacker, can start flooding a Web server with data. Akamai security advocate Martin McKeay said that anyone from a young hacker messing around, to hackivists, to a criminal organization or even a nation state could be behind the attack.
A MAJOR cyber offensive that brought down internet behemoths Twitter and Paypal is thought to have been launched by hackers using common devices such as webcams, baby monitors and digital recorders.
No one has yet claimed responsibility for the attacks, according to researchers.
A DDoS attack occurs when a mammoth amount of data or traffic from multiple sources are directed to a certain website to overwhelm its servers causing network failures and unavailability. It also filters out bad traffic headed to the websites – and that’s where things fell apart Friday. Caching the results to speed up responses is impossible. “These attacks are getting larger all the time”. They’re not cacheable because of the random prefix.
External peripherals were used as weapons in hacking by the cyber attackers. If IoT devices are being used, that would explain the size and scale [and how the attack] would affect: someone the size of Dyn.
In the case of the Dyn incident, the computers targeted were Domain Name System servers.
Amazon.com’s web services division, one of the world’s biggest cloud computing companies, also reported a related outage, which it said was resolved early Friday afternoon.
He said: “We will make one demand actually”. “There are definitely infrastructure providers that we can’t reach”.
On Saturday morning WikiLeaks tweeted: “Mr. Assange is still alive and WikiLeaks is still publishing”.
Advertisement
Information for this article was contributed by Andrea Peterson of The Washington Post, Molly Schuetz of Bloomberg News and Raphael Satter of The Associated Press.
