Previous Story
Companies urged to use multiple vendors in wake of cyber attack
Posted On Oct 29 2016
Comment: Off
In the latest internet security breach, hackers initiated a complex cyber attack using devices such as digital recorders and webcams restricting access to some of the most popular websites such as Twitter, PayPal and Spotify.
“We have advocated for years for redundancy in your infrastructure”, said Kyle York, chief strategy officer for Dyn, the New Hampshire DNS provider that was attacked on Friday.
The cyber attack that took down U.S. sites from Twitter and Spotify to CNN, Yelp and the New York Times on Friday was notable for its sheer size but also the fact that it employed internet connected devices, like cameras, to boost its firepower.
Now, security researchers say they’ve identified at least one culprit in the attack-a massive network of hijacked Internet of Things devices, including connected cameras and digital recorders, martialed to send the gargantuan waves of domain requests that overwhelmed directory servers.
Earlier, Middle-East countries suffered with the same type of attacks.
The incidents mark a change in tactics as DDoS attacks are more typically aimed at a single site.
The attack targeted Dyn, a company that helps people connect to websites, with a huge amount of traffic in an attempt to knock the service offline, according to Dyn’s director of Internet analysis, Doug Madory. The Dyn server was under attack and eventually shut down, resulting in internet traffic to its clients’ websites being affected. Said: “A DDoS attack could certainly impact these votes and make a big difference in swing states”.
The attacks also impacted Dyn’s DNS advanced services monitoring for customers.
As a result, throughout the day Friday many users were unable to connect to popular platforms like Twitter, Netflix, Spotify and the Financial Times in various parts of the US and Europe – mainly the American northeast and the United Kingdom. Attackers gain access to the computers by infecting them with malware and use botnets to conduct a range of activities, including DDoS attacks. York said “tens of millions” of I.P. addresses – meaning an incredibly large botnet or network of botnets – appear to be involved in attacking the firm.
The DDos attack used the smart devices in the household to generate a load on the service. A DDoS attack uses a heavy flow of traffic to target and disrupt particular systems, rendering them unusable. But the company has not confirmed the cyber attack. The attack also highlighted how targeting just one company could create havoc across the Web.
Members of a shadowy hacker group that calls itself New World Hackers claimed responsibility for the attack via Twitter, though that claim could not be verified.
