Dive Brief:
- Analysis of last week’s massive DDoS attack on DNS provider Dyn confirmed at least one portion of the attack was initiated by a Mirai Command and Control server, the same botnet used in recent attacks against French internet service and hosting provider OVH.
- The analysis, conducted by security provider Flashpoint, confirmed that compromised digital video recorders and webcams were used in the attack. The revelation caused at least one manufacturer, Hangzhou Xiongmai Technology, to recall its products.
- Flashpoint believes the attacks are connected to the English-language hacking forum community, and were not financially or politically motivated, with no indicators of extortion — attempted or not — against Dyn DNS or any of the sites affected by the attack.
Dive Insight:
Various actors appeared to claim responsibility for the attack over the weekend, including a grey hat hacker who blamed the Russian government, WikiLeaks and a hacker group known as "New World Hackers," though Flashpoint contends all such claims are false.
Flashpoint also confirmed the Command and Control server used in the Dyn attack was "separate and distinct" from the one used in the OVH attack.
"The development of Internet of Things (IoT) botnets over the past few years has enabled those in the hacking community to launch DDoS attacks at a scale that was previously impossible. These developments have culminated in the Mirai botnets used in these attacks," according to the Flashpoint analysis.
Given the extent of the attack and the expected drastic increase of IoT devices over the next several years, lawmakers are concerned. U.S. Sen. Mark R. Warner, D-VA, on Tuesday asked the Federal Communications Commission, the Federal Trade Commission and the Department of Homeland Security’s National Cybersecurity & Communications Integration Center for details on how to prevent cybercriminals from compromising Internet-connected consumer products to conduct DDoS attacks.
"The weak security of many of the new connected consumer devices provides an attractive target for attackers, leveraging the bandwidth and processing power of millions of devices, many of them with few privacy or security measures, to swamp internet sites and servers with an overwhelming volume of traffic," Sen. Warner said.
The attacks have even left the White House in suspense.
"We don't have any idea who did that," said President Obama Monday on Jimmy Kimmel Live!, referring to the Dyn attack.