October 28, 2016, updated 07 Nov 2016 2:29pm

Monthly Attack Alert: Biggest cyber attacks in October

By Alexander Sword

October saw the ominous predictions made in September by Resilient CTO Bruce Schneier come true, as a number of major internet infrastructure providers fell victim to cyber attack.

Schneier had warned that the companies that operated the nuts and bolts of the internet were being tested in major DDoS attacks by what he believed to be a state actor.

This is a major theme across CBR’s monthly attack round-up; but perhaps as concerning as who the attacks are targeting is the way that they are being carried out.

Again, the DDoS methodology that is being deployed here was observed in September in the attack on blogger Brian Krebs’s website KrebsOnSecurity.

These developing trends happen against the usual background of data breaches and phishing scams.

Read on to find out about Dyn, StarHub, Weebly and the Red Cross.

 


1. Dyn

Believed to be one of the largest distributed denial of service (DDoS) attacks of all time, the attack on hosting provider Dyn took down several major sites, such as Twitter, Reddit and Spotify, which use Dyn’s infrastructure.

Starting at 11:10 AM UTC (12:10 PM BST) on 21 October, the DDoS hit the Dyn Managed DNS infrastructure. DDoS attacks flood an internet service with traffic, meaning that the server cannot cope with the demand.

Dyn began to monitor and mitigate the attack and restored service to normal around two hours later.

The attack mainly impacted customers in the US East region.


The attack could have reached a magnitude in the 1.2 Tbps range, although Dyn said that this was not confirmed.

The Dyn attack follows DDoS attacks last month on OVH and KrebsOnSecurity. According to OVH’s founder, posting on Twitter, the combined brunt of the attack amounted to around 1.1 Tbps, while the Krebs attack apparently reached 620 Gbps.

Underpinning these attacks is the malware Mirai, which Dyn confirmed as the source of the attack.


Mirai is encoded with a list of a few default passwords, including obvious words and phrases such as ‘password’ or ‘password123’. It trawls the net, looking for passive internet-connected devices such as routers and cameras, and inputs these passwords into the devices to try to take them over.

The size of the Dyn attack is impressive, but also interesting is the number of endpoints involved in the attack: according to Dyn, it involved up to 100,000 malicious endpoints.

This is a worrying trend, especially with the number of internet-connected devices set to increase over the coming years, and shows the need for the Internet of Things (IoT) to be properly secured.
