Jump to content

Massive cyber attack takes down popular websites and social media


Fragile Bird

Recommended Posts

The more porous and vulnerable internet security becomes, the closer we move to a new closed system of fragmented secure pools for the developed west, excluding the most lawless and malign societies, but also excluding those developing nations from the benefits of ecommerce and access to information. 

It has already started for a different reason as webpages migrate to apps.  We won't have a wall with Mexico, but we may end up with a cyber wall soon.  

Link to comment
Share on other sites

One of the big problems that was highlighted by this attack is the danger of using short TTL (Time To Live) in DNS settings. It allows for greater flexibility if your servers are being shunted around frequently, but it means your service is entirely dependent on the DNS services which have become far too centralised. Shut down a major DNS provider and you shut down all the sites using them as an authority which have a short TTL.

With a longer TTL, such as 8 hours, you'll have a less agile but it would take a very extended DDoS on the DNS to cause this kind of problem as most DNS caches would have a significant amount of time left on the entries for major sites.

Link to comment
Share on other sites

8 hours ago, karaddin said:

One of the big problems that was highlighted by this attack is the danger of using short TTL (Time To Live) in DNS settings. It allows for greater flexibility if your servers are being shunted around frequently, but it means your service is entirely dependent on the DNS services which have become far too centralised. Shut down a major DNS provider and you shut down all the sites using them as an authority which have a short TTL.

With a longer TTL, such as 8 hours, you'll have a less agile but it would take a very extended DDoS on the DNS to cause this kind of problem as most DNS caches would have a significant amount of time left on the entries for major sites.

Fascinating.  Thanks for the info.

Link to comment
Share on other sites

On the weekend I saw a story that some group had claimed responsibility and that the attack was, indeed, a dress rehearsal.  But not to attack the US at election time, to attack Russia, in revenge for the hack attacks it's done against American targets.

Just found the story.  The group is called New World Hackers.  Are there any other stories people have seen about these guys?

http://www.cbc.ca/news/technology/hackers-ddos-attacks-1.3817392

Link to comment
Share on other sites

10 hours ago, Nasty Fragile Bird said:

On the weekend I saw a story that some group had claimed responsibility and that the attack was, indeed, a dress rehearsal.  But not to attack the US at election time, to attack Russia, in revenge for the hack attacks it's done against American targets.

Just found the story.  The group is called New World Hackers.  Are there any other stories people have seen about these guys?

http://www.cbc.ca/news/technology/hackers-ddos-attacks-1.3817392

Claiming shit costs nothing.  I do not think this claim would rise to the level of evidence of anything.  They also claim support for Wikileaks making me suspicious of their claim that they wanted to attack the Russians, or are not acting as a proxy for the Russians.  Assuming any of what they said is even a coherent manifesto, or has any truth to it at all.

In other words - What can be asserted without evidence can be dismissed without evidence.  Until that lack of evidence changes, I would not give them the time of day.  I wish the media would do the same.

Link to comment
Share on other sites

Update from Gizmodo. 

Quote

There were rumblings online that the attack might have been state-sponsored, but an unnamed intelligence official told NBC they’ve ruled that out, saying it was a “classic case of internet vandalism.

More on who.

Quote

National Intelligence Director James Clapper said Tuesday that it appeared a “nonstate actor” was behind the attack....Speaking at the Council on Foreign Relations in New York on Tuesday, Mr. Clapper said investigators were gathering a lot of data, and that preliminary indications were that it was a nonstate actor.

Network experts studying the attack are also starting to rule out usual suspects, such as national governments and online blackmailers. That suggests, they said, the attack was another cry for attention by online attack-for-hire services and their customers looking to make a statement.

 

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...