Home Security DVRs, security cams used in massive DDoS attack

DVRs, security cams used in massive DDoS attack

DVRs, security cams used in massive DDoS attack Featured

Digital video recorders and security cameras in the main have been used in a distributed denial of service to disrupt a number of high-profile websites, both in the US and other countries.

The whistleblower site WikiLeaks has claimed its supporters were responsible for the attacks, and asked them to desist from causing further chaos, saying they have now made their point.

The website Krebs on Security claimed a majority of the devices used in the attacks were "mainly compromised digital video recorders (DVRs) and IP cameras made by a Chinese hi-tech company called XiongMai Technologies. The components that XiongMai makes are sold downstream to vendors who then use it in their own products".

The attacks, on Friday US time, were aimed at the domain name services provider Dynamic Network Services, otherwise known as Dyn. The first attack began at 7.10am EDT on Friday (10.10pm AEDT Friday) and, once this was resolved by Dyn, further waves caused disruptions throughout the day.

While major US websites like Twitter, Spotify, Netflix and Paypal were disrupted, the application performance management software company Dynatrace said that Australian websites were affected as well.

Among the Australian sites that took a hit, Dynatrace listed AAMI, ANZ, BankWest, Coles, The Daily Telegraph, Dan Murphy's, ebay, HSBC, The Herald Sun, NAB, 9News, The Age, Ticketmaster, The Australian, Woolworths, The Sydney Morning Herald, and Westpac.

DNS is a distributed hierarchical database, with each level of the hierarchy pointing to (that is, "delegating to") the next level.

A simplified version of the query sequence, as outlined by veteran systems administrator Craig Sanders many moons ago, goes like this:

Q: "What is the IP address of www.melbourne.example.com.au?"
A: "I don't know. Ask the .au servers, here they are"
Q: "What is the IP address of www.melbourne.example.com.au?"
A: "I don't know. Ask the com.au servers, here they are"
Q: "What is the IP address of www.melbourne.example.com.au?"
A: "I don't know. Ask the example.com.au servers, here they are"
Q: "What is the IP address of www.melbourne.example.com.au?"
A: "I don't know. Ask the melbourne.example.com.au servers, here they are"
Q: "What is the IP address of www.melbourne.example.com.au?"
A: "The A record for www.melbourne.example.com.au is 192.168.1.1"

As iTWire reported, the well-known security technologist Bruce Schneier had recently said he had been informed that state-level actors were probing vital parts of the internet's infrastructure.

With source code for an IoT-based botnet named Mirai being leaked recently, there have been claims that this very botnet was used in the attacks against Dyn.

While there has been extensive, at times hysterical, coverage of the attacks, there has been no indication of the magnitude.

The largest DDoS attack so far has been against French hosting provider OVH, with the attack being almost 1Tbps. Security writer Brian Krebs' website experienced a DDoS of something close to 665Gbps after he had written about an Israel-based company that appeared to be behind many DDoS attacks over the years.

LEARN HOW TO REDUCE YOUR RISK OF A CYBER ATTACK

Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has the high potential to be exposed to risk.

It only takes one awry email to expose an accounts’ payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 Steps to Improve your Business Cyber Security’ you’ll learn some simple steps you should be taking to prevent devastating and malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you’ll learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips

DOWNLOAD NOW!

RECOVERING FROM RANSOMWARE

Ransomware is a type of malware that blocks access to your files and systems until you pay a ransom.

The first example of ransomware happened on September 5, 2013, when Cryptolocker was unleashed.

It quickly affected many systems with hackers requiring users to pay money for the decryption keys.

Find out how one company used backup and cloud storage software to protect their company’s PCs and recovered all of their systems after a ransomware strike.

DOWNLOAD THE REPORT!

Sam Varghese

website statistics

A professional journalist with decades of experience, Sam for nine years used DOS and then Windows, which led him to start experimenting with GNU/Linux in 1998. Since then he has written widely about the use of both free and open source software, and the people behind the code. His personal blog is titled Irregular Expression.

 

Popular News

 

Telecommunications