Cyber “Proxy” Wars: Massive DDoS Attacks Shutting Down Popular Sites

Hacker DDoS Attacks Against DynDNS Knocked Major Services Off Line

MANCHESTER, NH (The Hacker News)—The Internet recently witnessed a record-breaking largest Distributed Denial of Service (DDoS) attack of over one terabit per second (1 Tbps) against France-based hosting provider OVH, and Friday (October 21, 2016) the latest victim of this cyber attack was none other than DynDNS, an Internet performance management company.

This sudden outage of popular sites and services, including Twitter, SoundCloud, Spotify, and Shopify, for many users, flooded social media with outrage and uproars. According to a post on Ycombinator, it was because of a DDoS attack against the popular Domain Name System (DNS) service provider Dyn.

According to security intelligence firm Flashpoint, Mirai bots were detected driving much, but not necessarily all, of the traffic in the DDoS attacks against DynDNS. Mirai is a piece of malware that targets Internet of Things (IoT) devices such as routers, security cameras, WiFi-connected smart TVs, baby monitors, DVRs, Blu-ray players, and enslaves vast numbers of our compromised devices into a botnet, which then is unleashed to conduct malicious DDoS attacks at will. Since the source code of Mirai Botnet has already been made available to the public, anyone can wield DDoS attacks against selected or random targets.

bdpatoday

The DNS acts as the authoritative reference for mapping domain names to Internet Protocol (IP) addresses. In other words, DNS is simply an Internet’s phone book that resolves human-readable web addresses, such as “bdpatoday.com“, against IP addresses.

DynDNS is used by many websites and services as their upstream DNS provider, including Twitter, Spotify, SaneBox, Reddit, Box, Github, Zoho CRM, PayPal, Airbnb, Freshbooks, Wired.com, Pinterest, Heroku and Vox Media properties. All of these sites and services reportedly experienced major outages and significant downtime.

According to DynDNS, the DDOS started at 11:10 Coordinated Universal Time (UTC) , or 7:10 EDT, and mostly affected its customers in the East Coast of the United States, specifically Managed DNS customers. At that time, it simply was not very clear who and what really was behind this DDoS attack, but company officials said their engineers were working on “mitigating” their issues.

This massive outage drew the attention of Department of Homeland Security (DHS) and the FBI which stated they were “investigating all potential causes” of the attack. View top daily DDoS attacks worldwide: digitalattackmap.com.

Keywords: botnetCyber, cybersecurity, DDoS, DNS, Mirai

—Sources: thehackernews.com, Ycombinator
by Swati Khandelwal
Cover photo: Norse

 

 

DHS puts $14M toward better DDoS defenses

DDoSattack

GCN by Derek Major
Full Article

WASHINGTON – In an effort to encourage new technologies to defend against distributed denial of service (DDoS) attacks, the Department of Homeland Security’s Science and Technology Directorate has awarded eight grants worth a total of $14 million.

The eight award winners and the amount they will receive are:

  • University of California, San Diego: $1.3 million
  • University of Southern California, Information Sciences Institute: $1.8 million
  • Colorado State University: $2.7 million
  • University of Houston, Texas: $2.6 million
  • University of Delaware: $1.9 million
  • University of Oregon: $1.3 million
  • Waverley Labs of Waterford, Virginia: $629,992
  • Galois Inc. of Portland, Oregon: $1.7 million

DDoS attacks are used to overwhelm a target’s computer systems, preventing legitimate users from accessing them and creating opportunities to breach their security.  The funded research will focus on slowing the growth rate of such attacks, making current attacks harder to execute and developing tools and techniques that allow organizations to respond to attacks. Research will also go toward addressing new threats that may target non-traditional clients such as emergency management systems.

%d bloggers like this: