DVRs, security cams used in massive DDoS attack

Mainly digital video recorders and security cameras have been used in a distributed denial of service (DDoS) attack to disrupt a number of high-profile websites, both in the US and other countries.

The whistleblower site WikiLeaks has claimed its supporters were responsible for the attacks, and asked them to desist from causing further chaos, saying they have now made their point.

The website Krebs on Security claimed the devices used in the attacks were "mainly compromised digital video recorders (DVRs) and IP cameras made by a Chinese hi-tech company called XiongMai Technologies. The components that XiongMai makes are sold downstream to vendors who then use it in their own products".

The attacks, on Friday US time, were aimed at the domain name services provider Dynamic Network Services, otherwise known as Dyn. The first attack began at 7.10am EDT on Friday (10.10pm AEDT Friday) and, once this was resolved by Dyn, further waves caused disruptions throughout the day.

While major US websites like Twitter, Spotify, Netflix and PayPal were disrupted, the application performance management software company Dynatrace said that Australian websites were affected as well.

Among the Australian sites that took a hit, Dynatrace listed AAMI, ANZ, BankWest, Coles, The Daily Telegraph, Dan Murphy's, eBay, HSBC, The Herald Sun, NAB, 9News, The Age, Ticketmaster, The Australian, Woolworths, The Sydney Morning Herald, and Westpac.

DNS is a distributed hierarchical database, with each level of the hierarchy pointing to (that is, "delegating to") the next level.

A simplified version of the query sequence, as outlined by veteran systems administrator Craig Sanders many moons ago, goes like this:

Q: "What is the IP address of www.melbourne.example.com.au?"
A: "I don't know. Ask the .au servers, here they are"
Q: "What is the IP address of www.melbourne.example.com.au?"
A: "I don't know. Ask the com.au servers, here they are"
Q: "What is the IP address of www.melbourne.example.com.au?"
A: "I don't know. Ask the example.com.au servers, here they are"
Q: "What is the IP address of www.melbourne.example.com.au?"
A: "I don't know. Ask the melbourne.example.com.au servers, here they are"
Q: "What is the IP address of www.melbourne.example.com.au?"
A: "The A record for www.melbourne.example.com.au is 192.168.1.1"
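
The delegation walk above, modelled in code as an added example that is not part of the original article. The server names are hypothetical and resolver caching is ignored; the sketch shows that a lookup fails only when every server for one level of the hierarchy is unreachable, which is how an outage at a DNS provider cuts off the names it serves.

```python
# Constructed data mirroring the article's example: every zone lists the
# servers that answer for it, plus either child delegations or A records.
# All server names are hypothetical.
ZONES = {
    ".": {"servers": ["root-a", "root-b"], "delegations": ["au"]},
    "au": {"servers": ["au-a", "au-b"], "delegations": ["com.au"]},
    "com.au": {"servers": ["comau-a", "comau-b"],
               "delegations": ["example.com.au"]},
    "example.com.au": {"servers": ["ns1.provider", "ns2.provider"],
                       "delegations": ["melbourne.example.com.au"]},
    "melbourne.example.com.au": {
        "servers": ["mel-a"],
        "records": {"www.melbourne.example.com.au": "192.168.1.1"},
    },
}


def covers(zone, name):
    """True if name is the zone itself or a label-aligned subdomain of it."""
    return name == zone or name.endswith("." + zone)


def resolve(name, unreachable=frozenset()):
    """Walk the delegations from the root.

    Returns (address or None, list of servers that answered).
    """
    zone, answered = ".", []
    while True:
        info = ZONES[zone]
        up = [s for s in info["servers"] if s not in unreachable]
        if not up:
            return None, answered        # every server for this level is down
        answered.append(up[0])           # first reachable server answers
        if name in info.get("records", {}):
            return info["records"][name], answered
        children = [z for z in info.get("delegations", []) if covers(z, name)]
        if not children:
            return None, answered        # nothing below this zone covers the name
        zone = max(children, key=len)    # follow the most specific delegation


if __name__ == "__main__":
    name = "www.melbourne.example.com.au"
    print(resolve(name))
    print(resolve(name, unreachable={"ns1.provider"}))
    print(resolve(name, unreachable={"ns1.provider", "ns2.provider"}))
```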

As iTWire reported, the well-known security technologist Bruce Schneier had recently said he had been informed that state-level actors were probing vital parts of the internet's infrastructure.

With source code for an IoT-based botnet named Mirai being leaked recently, there have been claims that this very botnet was used in the attacks against Dyn.

While there has been extensive, at times hysterical, coverage of the attacks, there has been no indication of the magnitude.

The largest DDoS attack so far has been against French hosting provider OVH, with the attack being almost 1Tbps. Security writer Brian Krebs' website experienced a DDoS of something close to 665Gbps after he had written about an Israel-based company that appeared to be behind many DDoS attacks over the years.

Sam Varghese

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.