Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

Re Largest DDoS attack ever delivered by botnet of hijacked IoT devices

From: "Dave Farber" <farber () gmail com>
Date: Mon, 26 Sep 2016 19:05:27 -0400



Begin forwarded message:


From: "Livingood, Jason" <Jason_Livingood () comcast com>
Date: September 26, 2016 at 7:03:04 PM EDT
To: "dave () farber net" <dave () farber net>, ip <ip () listbox com>
Subject: Re: [IP] Largest DDoS attack ever delivered by botnet of hijacked IoT devices

I thought Brian’s mention of a need for a “Center for the Defense of Internet Journalism” an interesting one – 
basically a DDoS protection service for journalists in times of need. Maybe that is the role Google’s Shield project 
is trying to fill (https://projectshield.withgoogle.com/public/) for now, but perhaps Brian is suggesting something 
longer-term.
 
On the subject of IoT, it seems this is just the beginning – and most people feel it is going to get worse. FWIW, the 
BITAG has announced a paper on IoT Security & Privacy issues (see 
http://bitag.org/documents/pr20160628-Announcing-IoT-Topic.pdf - I am a co-editor). This most recent attack was over 
600 Gbps. What will happen when another 10 billion plus IoT devices come online in the coming years, connected to 
gigabit connections at home?
 
It is also worth noting, since BCP38 was mentioned, the ISOC MANRS project -> Mutually Agreed Norms for Routing 
Security. See http://www.routingmanifesto.org/manrs/.
 
- Jason Livingood
 
On 9/25/16, 2:46 PM, "dfarber" <dave () farber net> wrote:
 
 
 
Begin forwarded message:
 
From: the keyboard of geoff goodfellow <geoff () iconia com>
Subject: Largest DDoS attack ever delivered by botnet of hijacked IoT devices
Date: September 25, 2016 at 2:44:00 PM EDT
To: Dewayne Hendricks <dewayne () warpspeed com>, Peter Neumann Neumann <neumann () csl sri com>, Dave Farber <dave 
() farber net>
Cc: ip <ip () listbox com>
 
http://www.networkworld.com/article/3123672/security/largest-ddos-attack-ever-delivered-by-botnet-of-hijacked-iot-devices.html
 
Largest DDoS attack ever delivered by botnet of hijacked IoT devices
Attack proved too draining for Akamai to keep fighting it
 
Securing the internet of things should become a major priority now that an army of compromised devices – perhaps 1 
million strong - has swamped one of the industry’s top distributed denial-of-service protection services.
 
A giant botnet made up of hijacked internet-connected things like cameras, lightbulbs, and thermostats has launched 
the largest DDoS attack ever against a top security blogger, an attack so big Akamai had to cancel his account 
because defending it ate up too many resources.
 
It wasn’t that Akamai couldn’t mitigate the attack – it did so for three days – but doing so became too costly, so 
the company made a business decision to cut the affected customer loose, says Andy Ellis the company’s chief security 
officer.
 
The delivery network has dropped protection for the Krebs on Security blog written by Brian Krebs after an attack 
delivering 665Gbps of traffic overwhelmed his site Tuesday. The size of the attack was nearly double that of any 
Akamai had seen before.
 
--snip--
 
--
Geoff.Goodfellow () iconia com
living as The Truth is True
 
 
Archives  | Modify Your Subscription |  Unsubscribe Now

 




-------------------------------------------
Archives: https://www.listbox.com/member/archive/247/=now
RSS Feed: https://www.listbox.com/member/archive/rss/247/18849915-ae8fa580
Modify Your Subscription: https://www.listbox.com/member/?member_id=18849915&id_secret=18849915-aa268125
Unsubscribe Now: 
https://www.listbox.com/unsubscribe/?member_id=18849915&id_secret=18849915-32545cb4&post_id=20160926190536:B93DF99C-843D-11E6-B61F-88926CED4965
Powered by Listbox: http://www.listbox.com
Previous By Date Next
Previous By Thread Next

Current thread: