Technews

Fri Oct 21, 2016, 07:29 PM

Today the web was broken by countless hacked devices – your 60-second guide

Today, a huge army of hijacked internet-connected devices – from security cameras to home routers – turned on their owners and broke a big chunk of the internet.

Compromised machines, following orders from as-yet unknown masterminds, threw huge amounts of junk traffic at servers operated by US-based Dyn, which provides DNS services for websites large and small.

We're told gadgets behind tens of millions of IP addresses were press-ganged into shattering the internet – a lot of them running the Mirai malware, the source code to which is now public so anyone can wield it against targets.

The result: big names including GitHub, Twitter, Reddit, Netflix, Airbnb and so on, were among hundreds of websites rendered inaccessible to millions of people around the world for several hours today.

http://www.theregister.co.uk/2016/10/21/dyn_dns_ddos_explained/

This is what happens when you scale up a science experiment designed by academics for a benign environment.

The phone company first experienced this sort of thing back in the '50s when a radio disk jockey said that he would give a record to the first person to call the station. Masses of calls from listeners disrupted the telephone network.

Replies to this discussion thread
Author, Time, Post
Troll2 Oct 2016 OP
metroins Oct 2016 #1
orson Oct 2016 #4
metroins Oct 2016 #6
orson Oct 2016 #7
metroins Oct 2016 #8
Ms.Eloriel Oct 2016 #2
Troll2 Oct 2016 #3
PrimeCustodian Oct 2016 #5

Response to Troll2 (Original post)

Fri Oct 21, 2016, 07:39 PM

1. Saw it coming

In the past 4 weeks there's been a huge uptick on my websites in Russian fake accounts being made. Not joking.

I have my main site in a wrapper, so if the wrapper is compromised, I can run the sites without the wrapper. I learned to do this when I was caught up in a previous mass hack.

When I saw the uptick this time, I changed the sysadmin passwords two weeks ago and changed the key for terminal logins. I wasn't caught in this one luckily.



Response to metroins (Reply #1)

Fri Oct 21, 2016, 08:15 PM

4. Are you saying the Russians did it?

How fragile are these systems we depend on?



Response to orson (Reply #4)

Sat Oct 22, 2016, 08:10 AM

6. I'm saying

Russian fake accounts are made on my websites prior to a large mass hack.

I think the Russians did it, because that's my experience.



Response to metroins (Reply #6)

Sat Oct 22, 2016, 09:48 AM

7. I've read that this attack felt like a probe

A systematic attempt to gauge the ability to respond. The attack came in waves. Each one was more intense than the last, forcing an escalating response. What do you think is going on here?



Response to orson (Reply #7)

Sat Oct 22, 2016, 09:31 PM

8. I think that could be it

I see it as a diversion. A DoS attack is pretty unsophisticated, but using the objects they used and the scale shows great planning.

But a DoS attack achieves nothing but slight disruption, so either they're testing the response or somewhere else important data was stolen.



Response to Troll2 (Original post)

Fri Oct 21, 2016, 07:47 PM

2. Aw c'mon. There's a big difference.

The heavy traffic in your phone company example from the 50s wasn't an attack INTENDED to disrupt service.

Otherwise, good info.



Response to Ms.Eloriel (Reply #2)

Fri Oct 21, 2016, 08:05 PM

3. The incident caused the development of ways to deny or control excessive and malicious traffic

There was also extensive study of how customer-owned equipment attached to the network could maliciously damage the network during the Carterfone case.

The problem was well understood in communications by the time that the Internet was being developed.



Response to Troll2 (Original post)

Fri Oct 21, 2016, 08:24 PM

5. Ooooh..........thanks for the heads-up, champs!


It is only 3 weeks too late ...!

NOTE: I have noticed some irregularities for at least that long. Thanks for the warning though.........it confirms my suspicions.
