Major DDOS Attack On Major Websites

Noticed a bunch are down. We can't even process payments because our payment gateway is down. Could it be because of you know who?

http://www.usatoday.com/story/tech/2016/10/21/cyber-attack-takes-down-east-coast-netflix-spotify-twitter/92507806/


Could it be because of you know who?

The who is IoT devices, from many manufacturers.

The what is massive disruption to the internet for an unprecedented amount of time.

The why is unknown.

Hopefully, this wake-up call will raise the visibility of unsecured devices to the world at large, and spur them to action.

We can only hope :)

Accidentally started another thread which is rightfully deleted, but I found thru this link:

http://www.dailymail.co.uk/sciencetech/article-3859500/Widespread-internet-havoc-major-attack-takes-websites-offline-Spotify-Twitter-sites-suffer-outages.html

I'm guessing Mirai has at least a part of this, but I haven't analyzed anything and I'm happy to wait before freaking out. In the meantime, this is pretty Yuge.

The problem is that many of those IoT devices can't be updated via OTA.

Per the top story on Engadget.com, "Flashpoint says hacked cameras and routers enabled a Mirai botnet to take out major websites on Friday."

This has been amazing... I wonder when people will start to care? If Netflix and payment processing and PlayStation servers don't make people care then I'm not sure that anything will...

It's our industry's duty to make people aware of why, and how, and who, has caused this and why/how to prevent it. However, that would mean that major Chinese manufacturers would have to develop some ethics and morals and step up and own their responsibility, then that would have to trickle down to the installers.

If this was Intel or HP or Dell's products you'd be seeing a different response than we're seeing from the Chinese.

I just read that XM devices were to blame for majority of the issue.

Link? Most people are reporting that it's just the IoT and "digital video recorders" according to CNN's quote of Flashpoint. I haven't seen any manufacturer names implicated in this recent bout like we saw against Brian Krebs. I've seen some speculate that the Mirai botnet was at least partially responsible, which would be majority Dahua and XM devices I believe.

Link.

According to researchers at security firm Flashpoint, today’s attack was launched at least in part by a Mirai-based botnet. Allison Nixon, director of research at Flashpoint, said the botnet used in today’s ongoing attack is built on the backs of hacked IoT devices — mainly compromised digital video recorders (DVRs) and IP cameras made by a Chinese hi-tech company called XiongMai Technologies. The components that XiongMai makes are sold downstream to vendors who then use it in their own products.

Thank you! This is very interesting:

“It’s remarkable that virtually an entire company’s product line has just been turned into a botnet that is now attacking the United States,” Nixon said, noting that Flashpoint hasn’t ruled out the possibility of multiple botnets being involved in the attack on Dyn.

It is almost as if the P.R.C. planned this all years ago... It's kind of like a subversive cold-war with China, and they're winning because Americans in our industry are apathetic and lazy. Imagine when Hikvision turns their network on... border patrol, water treatment facilities, power plants, military installations... I know Hikvision has won bids for all of these types of contracts. We know that Hikvision is controlled by the communist PRC. (People's "Republic" of China)

Phil K. Dick would have a hay-day with all of this...

Phil K. Dick would have a hay-day with all of this...

Sorry, but I don't know Dick.

Sounds Bad for real, only problem 99.9% of the systems the Military has are NOT on any kind of network that can touch the Internet.

Must watch video on the 7 keys that control DNS and the Internet:

Turn off the camera...

Maybe just cut the frame rate in half temporarily, you don't want anybody nosing around your bot because of some alarm or because somebody's screen goes blank. :)

Customer's screen goes blank. They call the company that installed it which shows up the next day to reboot the camera. Hacker has minimum 24 hours to control the camera?

Guy shows up the next day to reboot the camera, figures he should bring the firmware up to date, 'what the hell'. One less soldier in the botnet brigade for next time.