Massive Cyber Attack

[CS1983]

Indeed. Here's a constant live visualization: http://map.norsecorp.com

[Ridge]

Indeed. Here's a constant live visualization: http://map.norsecorp.com

I love this map. It's like Global Thermonuclear War.

[CS1983]

I love this map. It's like Global Thermonuclear War.

[Double00]

That map is hypnotic!

[Grant H.]

I'm so tired of the news playing this off as an advanced, difficult, and elaborate attack.

These DDOS attacks are simple.

There are millions of devices that are internet connected, thanks to jackwads in society, that this malware literally searches out, logs in to, boots itself up, and then can be directed with some pretty simple code that has been made public.

There isn't anything elaborate about it. It's the result of people being stupid and complacent.

Seriously,
Home Automation - Smart things, Hue, Cameras, Door Locks, etc...
Industrial cell modems
Home routers
...
...
...
...
The list goes on and on.

Tons of people have left their devices with the default Username/Password, and that makes them part of the botnet that caused this.

The only thing different about this is that someone pointed it at Dyn, instead of any one specific site. Taking DNS services offline has some serious consequences.

One report I read about this said that they recorded THOUSANDS of gigabits/sec of data traffic during the DDOS attack. There are only a few (3, that I know of) of the companies that are behind the scenes of the internet that can actually handle that kind of traffic, much less that much false traffic.

The code to do this is public. It's simple. These attacks will only get worse.

Change the default Username/Password of ANY internet connected device. Period.

[zteknik]

I'm so tired of the news playing this off as an advanced, difficult, and elaborate attack.

These DDOS attacks are simple.

There are millions of devices that are internet connected, thanks to jackwads in society, that this malware literally searches out, logs in to, boots itself up, and then can be directed with some pretty simple code that has been made public.

There isn't anything elaborate about it. It's the result of people being stupid and complacent.

Seriously,
Home Automation - Smart things, Hue, Cameras, Door Locks, etc...
Industrial cell modems
Home routers
...
...
...
...
The list goes on and on.

Tons of people have left their devices with the default Username/Password, and that makes them part of the botnet that caused this.

The only thing different about this is that someone pointed it at Dyn, instead of any one specific site. Taking DNS services offline has some serious consequences.

One report I read about this said that they recorded THOUSANDS of gigabits/sec of data traffic during the DDOS attack. There are only a few (3, that I know of) of the companies that are behind the scenes of the internet that can actually handle that kind of traffic, much less that much false traffic.

The code to do this is public. It's simple. These attacks will only get worse.

Change the default Username/Password of ANY internet connected device. Period.

[Aloha_Shooter]

I finally noticed it hitting me Friday night ... just grabbed my ereader (in airplane mode!) and soaked in the hot tub while reading ... I am far from a Luddite but I still see more downsides than upsides to the so-called Internet of Things and I studied computer science & engineering in college (NOT freaking "Information Technology" which some goofball who was trying to impress me claimed as his degree).

[Zundfolge]

I'm so tired of the news playing this off as an advanced, difficult, and elaborate attack.

These DDOS attacks are simple.

Indeed. DDOS attacks are not "hacking" ... they're simple "Script Kiddie" nonsense.

[Ridge]

Not even script kiddies. There is a freely available download that does it for you.

[izzy]

The DDoS isn't the "hacking" it's what the attacker does after the target has been hit. I think the goal is typically to bring machines/networks to their knees and then beak into them at that point.