Massive cyber attack a dress-rehearsal for the US election?

Jim Geraghty: could be dress rehearsal for election day attack

RELATED AUDIO: Umbrellar's Adrian Grant on the rise of cyber attacks that overwhelm websites (June 13)

0
0:00 0:10

The FBI and US Department of Homeland Security are investigating a cyber attack that hit the US Saturday NZT, inhibiting the ability of millions of Americans to access major internet sites and services such as Twitter, SoundCloud, Spotify, iHeartRadio and Netflix.

The attack also fleetingly hit Kiwis, with Twitter unable to load images for New Zealand users for a brief period on Saturday morning as the so-called "internet of things" was hijacked en masse in a new style of internet attack.

A number of pundits, including CNN and Fox News contributor Jim Geraghty, have speculated it could have been a dress-rehearsal for an Election Day attack. 

While most voting is manual and in-person, a number of states now allow online voting for Americans offshore on election day, or in the month running up to the November 8 ballot (many states also allow early voting from up to 30 days out; a handy service given the election is always on the first Tuesday in November, a workday. As of today, more than five million have voted). US troops stationed overseas can also vote electronically. And, of course, it would cause election day chaos if the compilation of results was delayed by internet outages.

Saturday's attack was also notable for being a new kind of cyber assault.

On one level it was familiar in that it was a DDoS (distributed denial of service) attack, used to overwhelm a service with connection attempts by automated "bots" so regular users of a site find it hard or impossible to access. 

Whoever behind the attack was savvy in that they targeted Dyn, a major domain name system provider. DNS providers are like the switchboard of the internet, and zeroing in on Dyn was a clever way to disrupt access hundreds of sites and services at once, particularly for people in the northeast of the US. But again, that was not unique.

What set this attack apart was that DDoS attacks have historically relied on hijacking thousands of people's desktop and laptop computers, then using them as staging posts for a co-ordinated effort to swamp a website or service provider.

Saturday's effort was one of the first major DDoS attacks to utilise, in part, internet-connected gadgets – that is, anything from a security camera to a home wi-fi router to a smart power meter that has its own IP (internet protocol) address. Security expert Daniel Ayers points out it was not the first, however. "The 630Gbit/s DDos attack on Brian Krebs a few weeks ago exploited IoT [the "internet of things"] and analysis suggests that followKrebshe krebs attack the source code for that botnet was released and has been used in copycat attacks, including Dyn," he tells NBR.

Often lax security around connected gadgets has been a recurring theme for security analysts recently as the "internet of things" proliferated. Now, the general public has had a wake-up call.

On the plus side, the attack also showed, once again, the resilience of the internet's distributed architecture, which means there is no central point for hackers (or malicious governments) to target. Although tens of millions of IP addresses were hijacked in new and complex fashion, the attack was still repelled within hours.

Fingers have been pointed at China and Russia but so far no strong evidence has emerged of what group, or government, was been the attack.


1 · Got a question about this story? Leave it in Comments & Questions below.

This article is tagged with the following keywords. Find out more about MyNBR Tags

1 Comment & Question

Commenter icon key: Subscriber Verified

Interesting real time map of world wide cyper attacks. It looks like world war 3 has broken out. Someone seems to be using a NZ located botnet to attack sites in the US.
https://threatmap.fortiguard.com

Reply
Share
  • 0
  • 0

Post New comment or question

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.

NZ Market Snapshot

Forex

Sym Price Change
USD 0.7451 0.0000 0.00%
AUD 0.9417 0.0000 0.00%
EUR 0.6389 0.0000 0.00%
GBP 0.5734 0.0000 0.00%
HKD 5.8206 0.0000 0.00%
JPY 82.8030 0.0000 0.00%

Commods

Commodity Price Change Time
Gold Index 1254.9 12.220 2017-07-21T00:
Oil Brent 48.3 -1.290 2017-07-21T00:
Oil Nymex 45.8 -1.190 2017-07-21T00:
Silver Index 16.4 0.112 2017-07-21T00:

Indices

Symbol Open High Last %
NZX 50 7672.4 7675.2 7672.4 -0.02%
NASDAQ 6383.1 6388.8 6390.0 -0.04%
DAX 12424.8 12464.1 12447.2 -1.66%
DJI 21591.7 21592.6 21611.8 -0.15%
FTSE 7487.9 7515.1 7487.9 -0.47%
HKSE 26777.4 26778.4 26740.2 -0.13%
NI225 20089.9 20135.3 20144.6 -0.22%
ASX 5761.5 5761.5 5761.5 -0.67%