UPDATED 03:21 EST / OCTOBER 26 2016

NEWS

‘Script kiddies’ blamed for massive website cyber attack

A massive distributed denial of service attack that brought down leading sites across the world on Friday is being attributed to script kiddies, or people who use existing scripts or programs, who wanted to take down the PlayStation Network, a report published Tuesday claims.

The attack, which targeted domain name server hosting provider Dynamic Network Services Inc., known as Dyn, took sites including Twitter, Amazon.com, Reddit, PayPal, Netflix, Spotify, Etsy and a range of others down twice on Oct. 21. Because of the scale of the attack, there was speculation that criminal organizations or even foreign governments might be involved.

According to analysis from security firm Flashpoint Global Partners Inc., the attack came from a group of users linked to the Hackforums community. They used the Mirai botnet, which consists of compromised consumer devices such as routers, DVR systems and web cams. The botnet in question had previously been used in the DDoS attack against the Krebs on Security blog and French internet service provider OVH.

In its post making its argument, Flashpoint drew the dots between various points of the attack, stating that they were moderately confident in their finding.

Who did it?

Since the attack occurred a variety of groups have been blamed for the attack. Naturally in a year where neo-McCathyism has come to the forefront of the President campaign, be it ironically now coming from the left versus the right, the Russian Government was blamed for the attack, particularly given that it brought down primarily American websites.

Over the weekend others have claimed or implied responsibility, including Wikileaks, who posted a tweet asking their supporters to stop attacking Dyn on Twitter, and a group called the “New World Hackers” who claimed responsibility on their Twitter account.

“Flashpoint assesses with medium confidence that each of these claims is dubious and likely to be false,” the company noted. “Flashpoint assesses with moderate confidence that these attacks were not financially or politically motivated. Typically, financially motivated DDoS attacks will target business competitors, online gambling sites, or Bitcoin exchanges. Despite various groups claiming responsibility for the attack, there have been no publicly available indicators of extortion — attempted or not — against Dyn DNS or any of the sites affected by the attack.”

Flashpoint said the technical and social indicators of the attack align more closely with attacks from the Hack Forums community than the other type of actors that may be involved, such as higher-tier criminal actors, hacktivists, nation-states, and terrorist groups. Those groups, it added, “very unlikely to launch an attack against a video game company.”

Image credit: Level3 Outage Map

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU