DDoS Attack Done by Script Kiddies
The perpetrators carried out their attacks in three waves. After the initial attack, Dyn increased their security measures, lessening the impact of the following waves on their DNS. A portion of the attack originated from a Mirai Command and Control server. Essentially, botnets comprised of Mirai software scout out IoT (Internet of Things) devices using default usernames and passwords, infecting them in order to gain access. Millions of web-enabled, infected devices pummeled the data centers with junk data.
Security firm Flashpoint released an "after-action" analysis of the incident where it concluded that the attacks were likely carried out by amateur hackers. To add to the confusion, some believed that state-sponsored actors perpetrated the attack or that the Russian government was somehow involved. WikiLeaks tweeted that a supporter may be responsible, jokingly we hope.
Mr. Assange is still alive and WikiLeaks is still publishing. We ask supporters to stop taking down the US internet. You proved your point. pic.twitter.com/XVch196xyL— WikiLeaks (@wikileaks) October 21, 2016
In their investigation, Flashpoint discovered that the infrastructure used in the attack mirrored the one used against a well-known video game company: "While there does not appear to have been any disruption of service, the targeting of a video game company is less indicative of hacktivists, state-actors, or social justice communities, and aligns more with the hackers that frequent online hacking forums." Writers of the report Allison Nixon, John Costello, and Zach Wikholm have specifically referenced the Hackforums community where commercial DDoS tools, known as booters or stressers, are sold.
Further on, the writers assert that they are moderately confident that the attacks had no financial or political motivation. Instead, since the hackers targeted entertainment and social media, the motivating factors were to "show off, or to cause disruption and chaos for sport." In the past, DDoS attacks launched at gaming companies had no other purpose than to "show off their credentials as hackers of skill, or to 'troll' and gain attention by causing disruption to popular services."
For those of us obsessively watching Mr. Robot, the professionalism of Rami Malek's character, an off-the-grid, anonymous master hacker, contrasts sharply to the script kiddies in this latest attack. The term, used a couple times in the show, differentiates between someone who uses existing computer scripts/codes rather than writing their own. For those of you who haven't dived into the series, just imagine watching a reclusive, anonymous hacker in his element. Follow him through a life of tenuous relationships, a master plan, and a psychologically questionable life. You won't be disappointed.
Jacqui Litvan, wielding a bachelor's degree in English, strives to create a world of fantasy amidst the ever-changing landscape of military life. Attempting to become a writer, she fuels herself with coffee (working as a barista) and music (spending free time as a raver). Follow her @Songbird_Jacqui
DDoS Attack Done by Script Kiddies Reviewed by Jacqueline Litvan on Monday, October 31, 2016 Rating: