Major U.S. websites inaccessible in "cyber attack" on domain name system

Major U.S. websites inaccessible in "cyber attack" on domain name system

-- Tom

 

This seems to be shutting down numerous ATM/Interac/PoS systems in Ontario, Canada as well.

Some current links: https://www.dynstatus.com/incidents/nlr4yrr162t8
http://money.cnn.com/2016/10/21/technology/ddos-attack-popular-sites/index.html
https://news.ycombinator.com/item?id=12759520

I'm wondering if this has to do with those IoT botnets similar to what KrebsOnSecurity on others experienced recently. I've got to resort to finding many of the IP addresses of these sites to get more details.

 

It might have a connection with the hypothesis explained here:

https://www.schneier.com/blog/archives/2016/09/someone_is_lear.html

 

I just read on Gizmodo that the problem is getting worse. Twitter has been down all day, Spotify works fine for me. Do you think this could get *actually* worse? Like maybe more companies like Dyn will be hit throughout the weekend?

 

How an army of vulnerable gadgets took down the web today

-- Tom

 

Another take on the attacks. Don't be put off by the Headline (The Mirror is known for sensationalizing headlines of otherwise accurate articles) - The article was updated at 4:35PM EST and includes an exhaustive examination of the extent of the attack and websites and services affected.

"Wikileaks supporters 'are behind massive cyber attack on US': Website urges its supporters to stop 'taking down the US internet' because 'Mr Assange is still alive' amid massive ongoing cyber attacks..[NB: The article states that Wikileaks BELIEVES it's supporters are responsible for the attack]

Github, SoundCloud and PayPal also reported to be down
Some of Amazon's cloud services also believed to have been hit
Outage appeared to be primarily affecting web users on the US East Coast
Second wave of attacks began around 1PM ET
Department of Homeland Security 'investigating all potential causes'....."

http://www.dailymail.co.uk/sciencet...ine-Spotify-Twitter-sites-suffer-outages.html

 

I felt it the whole day here in southern Europe.
Sometimes no sites would load, or only some would, or they'd load but would be broken,
a search with Google images would produce a long, mostly blank, page with filled squares scattered around,
news sites had zero comments on all articles...
scary

 

Dyn has reported that the incident was resolved as of 22:17 UTC.

https://www.dynstatus.com/incidents/nlr4yrr162t8

 

https://krebsonsecurity.com/2016/10/hacked-cameras-dvrs-powered-todays-massive-internet-outage/

 

Today the web was broken by countless hacked devices – your 60-second guide
IoT gadgets behind tens of millions of IP addresses flooded DNS biz Dyn

-

 

Mirai and Bashlight Join Forces Against DNS Provider Dyn

-- Tom

 

Dyn, a managed DNS service, hit with attack, popular sites see performance issues

Dyn DDoS part 2: The hackers strike back

Update Regarding DDoS Event Against Dyn Managed DNS on October 21, 2016

-- Tom

 

yeah I am on the East Coast and installed Eset Smart Security back onto a machine and it has been downloading the initial database for over a hour and it is only half way through. All other internet activities are as fast as normal like web browsing.

 

I always knew this was bound to happen sooner than later. The one's claiming responsibility announced this was only a dry run for a much larger design to push out to other electronic targets in masse etc.

As long a this keeps up then I can foresee a breaking apart of the web into REGIONAL DIVISIONS etc. or some other methods to employ to prevent such rapid mass flooding like what happened.

In the Midwest there was not much interruptions experienced to any degree but those brain geeks sharp in these type workings are only getting started so we'll see what they cook up next.

 

NewWorldHackers and Anonymous behind massive DDoS attack on Dyn DNS service

http://securityaffairs.co/wordpress/52583/hacking/dyn-dns-service-ddos-3.html

 

Hackers used 'internet of things' devices to cause Friday's massive DDoS cyberattack

-- Tom

 

Find Out If One of Your Devices Helped Break the Internet

Note: Read the remainder of the article for more hints to clean up remaining potential vulnerabilities of your IoT devices.

-- Tom

 

According to-> John McAfee

 

I can't be the only one who thinks that this entire " Internet of Things " situation has become ridiculous.

Surely everyone knows that these things were made with functionality first and security as a consideration for later ...
.... or never , as it turns out ( IoT devices formed a significant part of the botnet(s) behind recent DDoS attacks )

This "technology" was developed by manufacturers for their own benefit in order to put a big splash on their promo
for the latest model .

A "smart" fridge can sense when it's door is left open , and then it sends you a text message at work , and phones-home
to who-knows-where , to update a data-base that you do not have access to .

Well if it is so smart , why can't it just shut the door itself , and quit whining to everyone about it ?

People are passively granting unsupervised access to their home network , to a fridge !
I could not have such a device in my home , I would not sleep well ( unless I had "modified" it )

 

From the article:
"Users with internet-connected devices are warned to take precautions including updating passwords, ensuring that IoT devices are run on a closed network with limited internet access, and restricting the devices to access only the specific services it requires to function."

And how many of the users of these devices are going to do ANYTHING? Very few IMO.

 

The firm "admitted" to known flaws...meaning what else is there? Did they release the IoTs already knowing there were "flaws?" Wouldn't surprise moi.

No, too many of us are ignorant and/or complacent when it comes to PC security.