The list of victims also included Reddit, Airbnb, Netflix, and the sites of several media outlets (CNN, New York Times, Boston Globe, Financial Times, The Guardian…).
None of these sites were directly targeted by the hackers. They are, in fact, made to the company Dyn, which redirects the flow from the internet to hosters and translated in any way the names of sites into IP addresses.
“When I see such an attack, I tell myself that it is a State that is behind,” said Eric o’neill, in charge of strategy for the it security firm Carbon Black and ex-in charge of the fight against espionage in the FBI (federal police).
To this expert, the consequences could be much more serious in the sectors of finance, transportation or energy, much less prepared than Dyn to this type of cyber-attacks.
“This is an attack on very elaborate. Every time we the neutralize, they adapt,” said Kyle Owen, an officer of Dyn, quoted on the specialized site Techcrunch.
The first attack launched at 11.10 AM GMT, was followed by several offensive series, as the impact moved from the east coast of the United States to the west of the country.
22H17 GMT, Dyn stated that the incident was resolved.
a resurgence of the cyber-crime, this attack has alerted the american authorities.
“The department of homeland Security (DHS) and the FBI have been informed and are investigating all potential causes“, indicated to the AFP a spokesman for the DHS.
The identity and the geographical origin of the authors were still unknown.
The Wikileaks website, which published thousands of emails from the campaign manager of the candidate democratic party presidential, Hillary Clinton, was believed to detect in this attack a mark of support for its founder, Julian Assange, a refugee in the ecuadorian embassy in London, and whose access to the internet has been recently cut.
“Mr Assange is still alive, and Wikileaks continues to publish. We ask our supporters to stop block the internet american. You have been heard,” tweeted the site.
The hacker group Anonymous appeared to him to call to continue the offensive. “The roof, the roof, the roof is on fire. We do not need water. Let the motherfucker burn“, he tweeted.
- Denial of service –
Whatever the origin, the attack has highlighted the dangers posed by the growing use of connected objects, which can be used without the knowledge of their owners, to block access to a site.
The technique of distributed denial of service (DDoS) attacks used on Friday is to make a server unavailable by overloading query. It is often conducted from a network of machines zombies (“botnet“), which are themselves hacked and used without the knowledge of their owners.
“These attacks, in particular, with the expansion of connected objects and unsecured, will continue to harass our organizations. Unfortunately, what we see is only the beginning in terms of +botnets+ on a large scale and disproportionate harm“, predicted, and Ben Johnson, ex-hacker for the us agency for intelligence NSA and co-founder of Carbon Black.
objects that are connected and a priori, completely harmless, such as coffee machines or refrigerators can be used by hackers.
“the Internet continues to be based on protocols and an infrastructure designed before cyber security was a problem,” notes Mr. Johnson.
According to James Scott, an expert in cybercrime at the Institute for Critical Infrastructure Technology, similar attacks have been carried out in December, 2015, by cyberjihadistes using 18,000 mobile devices.
This new attack “betrays a vulnerability well known in the structure of the internet“, he says, adding that his “sophistication” and “precision” seemed to point the finger at a State like China or Russia.
The computer attacks and other acts of piracy are already in full resurgence in the United States and in other industrialized countries.
Yahoo Mail has recently recognized that the data of 500 million of its users had been compromised two years ago. Several attacks have also targeted the financial sector and some banks, leading the industrialized countries of the G7 to adopt, in mid-October, a series of protection rules.
No comments:
Post a Comment