Remember last month, when a Mirai botnet attack brought down half the internet? On October 21, a Distributed Denial of service attack that employed swarms of unsecured “Internet of Things” devices was laser focused on a global DNS provider, making much of the internet unusable for many.
Here’s what Dyn, the targeted DNS provider, said of the attack then:
“At this point we know this was a sophisticated, highly distributed attack involving 10s of millions of IP addresses. We are conducting a thorough root cause and forensic analysis, and will report what we know in a responsible fashion. The nature and source of the attack is under investigation, but it was a sophisticated attack across multiple attack vectors and internet locations. We can confirm, with the help of analysis from Flashpoint and Akamai, that one source of the traffic for the attacks were devices infected by the Mirai botnet. We observed 10s of millions of discrete IP addresses associated with the Mirai botnet that were part of the attack.”
10 million devices, flooding networks with garbage traffic. Why? According The Wall Street Journal, it’s because one angry gamer was pissed about Sony’s PlayStation Network.
Says Dale Drew, CSO of Level 3 Communications:
“We believe that in the case of Dyn, the relatively unsophisticated attacker sought to take offline a gaming site with which it had a personal grudge and rented time on the IoT botnet to accomplish this.”
While Drew hasn’t said which gaming site, The Wall Street Journal has, saying that the entire outage was brought about because somebody was mad at Sony. According to Forbes, all it took was buying the attack on the deep, dark web for $7500. The attack lasted for less than a full day. Is that worth over R100 000? That’s money that could have been spent on – materialistically – moving to another platform.