Massive Cyber attack! Amazon,Netflix,Twitter, and other sites. (1 Viewer)

Previous Next
Domefan504

Domefan504

SR is my life!
Joined
Jan 31, 2013
Messages
15,018
Reaction score
12,903
Location
Metry/NOLA
Offline
Just a heads up if you had issues on the Net this morning. Good news as of now it seems like personal data was not affected.

Popular sites like Reddit, Twitter and Netflix suffer outages - Oct. 21, 2016

Affected sites included Twitter (TWTR, Tech30), Etsy (ETSY), Github, Vox, Spotify, Airbnb, Netflix (NFLX, Tech30) and Reddit.
Dyn, which manages website domains and routes internet traffic, experienced two distributed denial of service attacks on its DNS servers. A DDoS attack is an attempt to flood a website with so much traffic that it impairs normal service.
"If you take out one of these DNS service providers, you can disrupt a large number of popular online services, which is exactly what we're seeing today," said Jeremiah Grossman, chief of security strategy at cybersecurity startup SentinelOne.
Click to expand...


<script src='http://i.cdn.turner.com/money/.element/script/7.0/players/embed.js?videoid=/video/technology/2016/10/21/ddos-attack-websites.cnnmoney'></script>
 
Most news agencies are reporting it's over, but it is not. Many sites and services are still down.
 
Netflix and airbnb working for me now.
 
Saints Report still up and running . Thank you Andrus for the hard work!
 
This whole thing is really interesting.

So analysts now know that this cyber attack that shut down some of the largest and most popular web services was the result of a coordinated effort where a hacker program (call it a virus or a bot depending on your perspective) commandeered millions of connected devices (like DVRs and webcams) and turned them into data transmitters, and then focused all of this concentrated data output at the network that supports those popular web services. The result was to overwhelm that network with incoming data and shut it down.

They were able to do this because many of these devices are connected on open IP addresses and have weak and old security (including common factory-default passwords). Tech writers at the Atlantic wanted to see this in action so they simulated a simple networked device on an open IP address (they're calling it a toaster but that's just to illustrate) to see how these hacks might happen.

After setting it up, they switched it on to see what happened. It took 41 minutes before the first hack effort happened. In less than 12 hours, 300 different hack attempts occurred - most using known factory default passwords for simple connected devices.

I don&#8217;t actually own a wireless toaster. But I devised a test. Renting a small server from Amazon, I gussied it up to look like an unsecured web device, opening a web port that hackers commonly use to remotely control computers. Instead of allowing real access, though, I set up a false front: Hackers would think they were logging into a server, but I&#8217;d really just record their keystrokes and IP addresses. In cybersecurity circles, this is called putting out a honeypot&#8212;an irresistible target that attracts and ultimately entraps hackers and the scripts they use to find vulnerable servers.

I switched on the server at 1:12 p.m. Wednesday, fully expecting to wait days&#8212;or weeks&#8212;to see a hack attempt.

Wrong! The first one came at 1:53 p.m.

It tried a common default username and password (root/root) and executed the &#8220;sh&#8221; command, giving it the ability to run programs and install its own code. My fake toaster doesn&#8217;t allow that, of course&#8212;it just cuts the connection.

The next hacking attempt, from a different IP address and using different login credentials, came at 2:07 p.m. Another came at 2:10. And then 2:40. And 2:48. In all, more than 300 different IP addresses attempted to hack my honeypot by 11:59 p.m. Many of them used the password &#8220;xc3511,&#8221; which was the factory default for many of the old webcams hijacked in last week&#8217;s attack.

I&#8217;ll admit this volume of attacks might not be typical. I hosted my fake toaster on a virtual Amazon server, not an actual toaster hooked up to residential internet. Hackers aren&#8217;t typing these passwords themselves&#8212;they&#8217;ve programmed bots to do the hard work for them, scanning through thousands of open ports an hour. And I&#8217;d bet those scripts are trawling Amazon&#8217;s range of IP addresses more frequently in hopes of hacking vulnerable rookies. (If that has happened to me without my knowledge, I am very sorry and please don&#8217;t hurt me.) But my experience matches what security firms have seen. It is now within the capability of hackers to literally scan the entire internet, looking for vulnerable servers with open ports. And every hacked computer adds another recruit to the search effort, shortening the time required geometrically.

Matthew Prince, the cofounder and CEO of Cloudflare, said anyone hooking up a poorly secured IP device to the internet can expect to see that gizmo hacked within a week, if not much sooner.

&#8220;Assuming it&#8217;s publicly accessible, the chance [of being hacked] is probably 100 percent,&#8221; he said. &#8220;The IPv4 address space just isn&#8217;t that big. You can now run a scan across that entire space in hours, especially if you have a big botnet. The scans for vulnerability are continuous, and if anything, have accelerated over the last couple of years.&#8221;

This doesn&#8217;t mean that every Internet-of-Things device is vulnerable. Most things that you connect to the web through your home WiFi are probably okay: Your router kills most incoming hacking attempts. (Of course, if your router is compromised...) You have more to worry about if your device hooks up to your modem directly, which is more common in industrial settings.
Click to expand...


https://www.theatlantic.com/technol...-toaster-and-it-was-hacked-in-an-hour/505571/


https://krebsonsecurity.com/2016/10/hacked-cameras-dvrs-powered-todays-massive-internet-outage/

https://www.theatlantic.com/technol...-when-your-dvr-launches-a-cyberattack/505322/
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Register

Log in

Already have an account? Log in here.

Previous Next

Users who are viewing this thread

    Total: 2 (members: 0, guests: 2)

    Share this page

     

    Twitter

    Back
    Top Bottom