Disturbance in the Force

October 21, 2016

There has been a major multi-site cyber attack today. USA Today reports:

SAN FRANCISCO — At least two successive waves of online attacks blocked multiple major websites Friday, at times making it impossible for many users on the East Coast to access Twitter, Spotify, Netflix, Amazon, Tumblr and Reddit.

The first attacks appear to have begun around 7:10 am Friday, then resolved towards 9:30 am, but then a fresh wave began.

The cause was a large-scale distributed denial of service attack (DDoS) against Internet performance company Dyn that blocked user access to many popular sites.

I’ve noticed unusual problems with several other major sites today and I don’t believe in coincidences, at least not when it comes to computers. Either more sites have been affected by the attacks or there have been secondary effects from the initial attacks against Dyn DNS. My minor researches have suggested problems affecting sites that use AWS. For several of the sites mentioned in the article the problems don’t seem to be over as of 2:00pm CDT.

I’m a bit puzzled about the motive for the attack. Plain mischief? What could they be going after?

7 comments… add one
  • Guarneri Link

    I’ll say. I was trying to get to Callaway Golfs site to compare Apex Pros to Mizuno MP5s and couldn’t get through. Given that the Apex use KBS shafts I say it’s True Temper causing the problem. This is serious stuff.

  • ... Link

    WikiLeaks released a tweet today stating that they thought it was their supporters doing it in retaliation for action taken against Assange this week.

    Tweet

    Mr. Assange is still alive and WikiLeaks is still publishing. We ask supporters to stop taking down the US internet. You proved your point.

    You can decide for yourselves which is scarier: a Russian hit job, or just angry denizens of the dark net pitching a fit. Note, too, that it doesn’t have to be just one or the other!

    Later Wikileaks had this to say:

    We have updated the Stochastic Terminator algorithim [sic].

    These are great days we’re living, bros.

  • sam Link

    Who would do this? It doesn’t seem like something an activist, criminal, or researcher would do. Profiling core infrastructure is common practice in espionage and intelligence gathering. It’s not normal for companies to do that. Furthermore, the size and scale of these probes — and especially their persistence — points to state actors. It feels like a nation’s military cybercommand trying to calibrate its weaponry in the case of cyberwar. It reminds me of the US’s Cold War program of flying high-altitude planes over the Soviet Union to force their air-defense systems to turn on, to map their capabilities. [Source Someone Is Learning How to Take Down the Internet

  • sam Link

    Damn. Here’s the link: https://www.schneier.com/blog/archives/2016/09/someone_is_lear.html

  • Dave Schuler Link

    If in fact it was done by an NGO, it highlights a point I’ve made before. NGOs are now acting like governments and governments like NGOs.

    That’s not an improvement.

  • TastyBits Link

    … MP5s …

    WTF!!!

    I thought golf was boring, but it looks like I was wrong. “Ambush” is used in some golf articles, but I did not think you actually established a base of fire and kill zone.

  • ... Link

    I should mention that earlier in the week various Obama Administration officials were stating that the US government was about to launch a “secret” cyberattack against Russia soon, Joe Biden most prominently. Besides the fact that they don’t seem to understand secrecy, it was pretty much an open declaration of cyberwar against a sovereign state. I wouldn’t be surprised if this was Russia Pearl Harboring the US.

Leave a Comment






Categories