Cybercriminals staging major attack on U.S. websites

What’s happening to the nation’s big websites today is yet another reminder how vulnerable we are.

A major cyberattack appear to be underway in the nation today, knocking out major social networking sites and other websites, including Major League Baseball, Twitter, Politico, Reddit, Amazon, and Disqus (which provides the infrastructure for comments on this blog).

Dynamic Network Services Inc., said its domain name system — DNS — was hit by the first attack a little after 7 this morning and another one is underway at this hour.

Denial of service attacks can knock out websites by flooding them with junk messages and requests, preventing anyone else from accessing them.

It could be punishment for a talk that exposed some of the methods cybercriminals do to stage these attacks.

“The attack on DYN comes just hours after DYN researcher Doug Madory presented a talk on DDoS attacks in Dallas, Texas at a meeting of the North American Network Operators Group (NANOG),” security expert Brian Krebs writes on his website today. “Madory’s talk delved deeper into research that he and I teamed up on to produce the data behind the story DDoS Mitigation Firm Has History of Hijacks.”

The size of these DDoS attacks has increased so much lately thanks largely to the broad availability of tools for compromising and leveraging the collective firepower of so-called Internet of Things devices — poorly secured Internet-based security cameras, digital video recorders (DVRs) and Internet routers. Last month, a hacker by the name of Anna_Senpai released the source code for Mirai, a crime machine that enslaves IoT devices for use in large DDoS attacks. The 620 Gbps attack that hit my site last month was launched by a botnet built on Mirai, for example.

Interestingly, someone is now targeting infrastructure providers with extortion attacks and invoking the name Anna_senpai. According to a discussion thread started Wednesday on Web Hosting Talk, criminals are now invoking the Mirai author’s nickname in a bid to extort Bitcoins from targeted hosting providers.

A White House spokesman says the Department of Homeland Security is also looking into the cyberattack.

This week, Politico reported that despite spending by media companies to protect their systems, news organizations are vulnerable to Election Night chaos should cybercriminals choose to attack then.

Senior U.S. officials, current and former lawmakers and cybersecurity pros told POLITICO the threat against the media is real — and they fret the consequences. Specifically, the security community is worried The Associated Press’ army of reporters could get hacked and the wire service — the newsroom that produces the results data on which the entire media world relies — inadvertently starts releasing manipulated election tallies or that cybercriminals penetrate CNN’s internal networks and change Wolf Blitzer’s teleprompter.

“It’s the art of possible is what really scares me,” said Tony Cole, chief technology officer of FireEye, a Silicon Valley-based cybersecurity firm that works with some of the country’s major television and newspaper companies. “Everything is hackable.”

“No site is safe,” added Tucker Carlson, editor-in-chief of The Daily Caller. “If the federal government can be hacked, and the intelligence agencies have been hacked, as they’ve been then, can any news site say we have better cybersecurity than the FBI or Google?”

Obviously not.

  • Mike Worcester
    • Anna

      At least there are professionals who are constantly working on cybersecurity and developing ways to circumvent the criminals. There is a lot of profit to be made developing the latest Internet security weapons.

      The digital age is a double-edged sword. We love the convenience but the hackers out there know how dependent everyone has become on their digital devices.

      All I have is an email account and a slider phone on which the wireless Internet access is disabled. No one can text me. They have to call and leave a message or they can call my landline.

      While I pay a lot of my bills online, I still receive hard, paper copies for all of my accounts with the exception of my electric bill so I can still pay them if my Internet service is down for an extended period.

      The cost of repairs to fix a digital outage is probably a lot more than the postage for snail mail.

      The convenience of digital is costing healthcare consumers, too. The $276 cost for my shoulder x-ray two months ago is a direct result of the conversion to digital x-rays. A standard x-ray costs probably 1/10 of what it does for a digital one.

      When they start hacking into the electrical grid, we’re all going to be in trouble.

      “London Has Fallen” may not be too far off into the future.

      • BJ

        >The $276 cost for my shoulder x-ray two months ago is a direct result of the conversion to digital x-rays.

        Not true, all health care has a lot of factors in price and cost.

        • Anna

          Years ago, BJ not every hospital had MRI machines, nuclear medicine departments, CT scanners etc.

          If Hospital A didn’t have an MRI machine and Hospital B did, they had a cooperative agreement to send patients for advanced imaging if needed.

          Hospital A would do the same for Hospital B if they needed a PET scan for their patients and Hospital B didn’t have one.

          When managed care and preferred provider networks came into the picture, every major medical center had to have the latest technological advances to keep up with the Joneses down the street.

          This is precisely what has driven our healthcare costs through the roof.

          The human body is an amazing machine and like a computer that malfunctions, it gives certain signals when it is not in top working order. Many physicians have forgotten how to read those signals without expensive testing. Part of this is patient demand and part of this is fear of lawsuits.

          • tboom

            While technology is probably a contributor to high medical prices, I believe you should be looking at the pharmaceutical-industrial-complex as the major contributor to outrageous costs.

  • Ben

    “Change Wolf Blitzer’s teleprompter” now that might actually be worth the risk. Kidding aside, maybe this will force us all to be more patient with our news and analyze what we are reading/hearing/watching, but probably not.