
oldhifi

Original poster
Has anyone noticed since they have turned over the internet to ICANN you are getting more errors, like bad gateway, pages will not load, not connected to internet?
 
No, and the two are unrelated at the time being, as nothing has changed operationally.
 
Level3, a global provider of internet services, many of which are required by various ISPs to function, has been having issues since late last night. To give you an idea of the magnitude, several years ago a cable of Level3's was severed by accident which resulted in 3 major ISPs in 12 different states suffering outages. Very slow service in Central America, Europe and parts of Asia.

ICANN is merely in charge of a selection of domain names, names appointed to IP addresses. That's it, nothing more and nothing less.
 
DNS outages due to DDoS are incredibly common. This one was likely due to Battlefield 1 releasing to the public. It always happens when a big time game is being released. Just a bunch of losers wanting to mess it up for everyone else. I was able to use Spotify, Netflix and other services affected from 11 PM Thursday to 12 PM Friday. I didn't even know there was a problem until I turned on CNN to see what was happening with the Politician equivalent of the Kardashians, also known as the 2016 Elections.

Off the top of my head, BF3 and BF4 releases were plagued by DNS DDoS, as was that sci-fi space shooter on Xbox, that really popular one that I can't recall at the moment. A DNS DDoS was used as a cover on various services while hackers stole Sony files, etc.
 
Sounds like there was more to it all in this case than just some game release or something like that.
 
Then what? All major DNS DDoS's have been attributed to huge releases or major events. In 2014, it was Christmas day when people got brand new Xbox and PS4s. To understand these people, these individuals who'll gather thousands upon thousands of zombie computers to attack these networks, you have to think of the lowest denominator for a human individual. When the beta (or alpha, I forget) released for Battlefield 1, DICE and EA's servers experienced a relentless wave of DDoS for a few days before they could clamp down security. It could be a group of 10 people who, at their command, can instruct hundreds if not thousands of computers across the world to send junk data overflowing what networks are capable of delivering. DDoS'ing has been around since the late 1990s and it's incredibly simple to do. One could effectively learn how to do it over a couple weeks. The problem is that the DNS system and its extension is dated and opens itself to these attacks. It's why a script kiddie can download something and run it from their computer. It's a very, very simple way of bringing down a specific server if it's dedicated, a shared server or a cluster of them.

DDoS'ing a major DNS provider like Dyn has the added benefit of not attracting too much attention, even if the feds are involved now. There's a lot of logs to sort through compared to directly attacking a company like the 600+ Gb DDoS against the BBC because they ran several articles that pissed off a group. Or when mainland China began DDoS'ing pro-Democracy newspapers in Hong Kong because they began running articles on China to effectively "piss off" and not meddle in their affairs. There's a reason for every large-scale DDoS. It isn't something done for fun or out of the blue. In the case of Netflix, Spotify, AWS, there's nothing to be had. Files are encrypted on AWS and the file retrieval isn't very simple unless the clusters are scaled up. Spotify and Netflix have little value apart from customer info, which in most cases is paid by PayPal or other intermediary services. Shows on Netflix aren't of too high a quality either, even when you're streaming 4K, it's still very compressed video. And with Spotify, well, even Premium customers can pick up on low bitrate music.

There would be more use in going after Apple and grabbing data from their content servers. Last year, a new Halo game (that's the one I was talking about last night) released around November. The fifth installment of the game. Microsoft was bombarded with DDoS attacks. When evaluating logs, there's a night and day difference in legitimate traffic and a DDoS attack. Christmas was also attacked. Two years ago, during another Halo release, Microsoft's servers were battered for at least a week if not more. This was around the Sony incident as well.

DDoS simply knocks a service on its ass. It causes money loss, but not much. If you wanted to do real damage, you'll hack the group or company. You want to be as discreet as possible in that case. The problem is a lot of companies tend to skimp on security. There was a claim the hackers of Sony had access to data for more than a year. They were able to skim a significant amount of data before the breach was discovered.
 
http://fortune.com/2016/10/23/internet-attack-perpetrator/
 
Your point is? DDoS have always used zombie systems AKA compromised systems. This is nothing new. That article is a dumbed down version of how a DDoS occurs. You prove nothing except post an article that reiterates what I said. Anything connected to the internet, any media relayed over a service, is susceptible to hacking. By knocking out a DNS service, you knock out multiple individual services. Simply by causing trouble for Amazon, they managed to knock out a lot of services using the AWS platform, from EC2 instances to services that rely on CloudFront to provide content throughout the world.
 
We aren't talking about what DDoS means or how it works or anything like that, but more about the why aspect of it, as it relates to this particular case. You brought up Battlefield 1, and so far the coverage I've come across doesn't make any particular links to anything like that in relation to this DDoS attack.
 
Yes, and I brought up other examples. The Dyn attack also knocked Dice and EA servers offline for over a day. What are you saying? It was merely an example. Large game releases by major studios always attract DDoS attacks. Blizzard suffered one after a major release/update, the children's game Pokemon Go suffered a major relentless attack, etc. If you actually did some research instead of posting articles and understanding what these groups will do and what lengths they will go to knock a service out, you'll understand there is no motive other than to piss people off. The services knocked out the other day include minor financial services such as payroll providers, Spotify, Netflix, et al. These are services which have been around for a decade now, and in some cases since the late 1990s. These are services that were available and have always had the chance to have a massive attack coordinated toward them, but they never did. And when a big game goes to public beta or releases as Gold, imagine the coincidence how these networks all are attacked on those days to piss people off.

You will never find exact coverage of anything because this was a distributed DDoS attack. If they attacked the Dice/EA servers directly, then you'd find a connection. A distributed attack lessens the possibility of investigators finding out who the perpetrators were attacking.
 
So basically no real causality links to it aside from essentially anecdotal coincidences in various cases?

Sort of a mix of https://en.wikipedia.org/wiki/Correlation_does_not_imply_causation and https://en.wikipedia.org/wiki/Confirmation_bias in a sense.
 
If you want to go with a dumbed down coincidence, sure. But historically, even back to the first DDoS attack, it's always been targeted at a specific service or a DNS/backbone provider who routes traffic for major services. EA got battered heavily for weeks in the early days of the 2000s when they began launching online games such as Medal of Honor. Microsoft has suffered relentless attacks since the days of the Xbox going online and suffers heavily each time they bring out a well known franchise game, Sony gets attacked, Blizzard does and they and other providers were attacked heavily when Overwatch released this last summer, etc. As I said, at any other time, there is zero benefit be it financially or emotion wise to launch a DDoS attack against a provider, but when a major film or game releases, these attacks become commonplace. You could say it was coincidence but history would say otherwise. During the coup in Turkey, major news outlets both overseas and in the US were attacked directly to slow the transmission of news updates of the situation in Turkey. Each time Wikileaks, as awful as they are, mention a release they're attacked day and night. There is always a true purpose for a DDoS. It's to make people miserable. People out there who are sick in the head find that very entertaining. Just go look at PRSI. The bright side is that it's next to impossible for a site to be infiltrated during a DDoS.
 