Wikileaks begs supporters to call off massive cyber attack on US.

Wikileaks begs supporters to call off massive cyber attack on US.

The Department of Homeland Security has already launched an urgent investigation into the crash, amid claims it could be a precursor to an attempt to disrupt the US Presidential election further.

It was not immediately clear who was responsible and Gillian Christensen of the U.S. Department of Homeland Security said the agency was ‘investigating all potential causes.’

Political commentor Keith Olbermann even raised the possibility it could be a precursor to an attack on election day.

‘Say, not to panic anybody, but what if the (attacks) today were practice for 11/8 ?’ he tweeted.

WIKILEAK’S CLINTON EMAIL LEAK

Wikileaks  urged its backers to 'stop taking down the US internet', saying 'Mr Assange is still alive and WikiLeaks is still publishing'.

Wikileaks urged its backers to ‘stop taking down the US internet’, saying ‘Mr Assange is still alive and WikiLeaks is still publishing’.

Since October 7, WikiLeaks has released thousands of emails hacked from the Gmail account of Hillary Clinton’s campaign chairman John Podesta.

The Democratic White House hopeful’s campaign has not confirmed or denied the authenticity of the messages but accused Russia of being behind the hacking attack in an effort to tilt the presidential election in favor of Republican nominee Donald Trump.

The biggest revelations came out of paid speeches Clinton gave to investment banks and other financial institutions from 2013 to 2015.

The former secretary of state had refused to release the transcripts, a move that caused significant problems in her primary battle against Bernie Sanders, who accused her of being too cozy with Wall Street.

The WikiLeaks releases contained excerpts of several speeches, as well as full transcripts of three speeches that Clinton gave to Goldman Sachs, which showed how apparently at-ease the Democrat is in front of bankers.

Democratic presidential nominee Hillary Clinton's campaign has not confirmed or denied the authenticity of the emails but accused Russia of being behind the hack in an effort to tilt the election in favor of Republican nominee Donald Trump

Democratic presidential nominee Hillary Clinton’s campaign has not confirmed or denied the authenticity of the emails but accused Russia of being behind the hack in an effort to tilt the election in favor of Republican nominee Donald Trump

Dyn said it had resolved one attack, which disrupted operations for about two hours, but disclosed a second attack a few hours later that was causing further disruptions.

After tweeting it had fixed the issue, the firm then tweeted ‘We are continuing to mitigate a DDoS against our Managed DNS network,’ as the second wave hit.

Political commentor Keith Olbermann even raised the possibility it could be a precursor to an attack on election day.

Political commentor Keith Olbermann even raised the possibility it could be a precursor to an attack on election day.

The cyber attack meant that millions of internet users could not access the websites of major online companies such as Netflix and Reddit as well as the crafts marketplace Etsy and the software developer site Github, according to media reports.

The website Gizmodo said it had received reports of difficulty at sites for media outlets including CNN, The Guardian, Wired, HBO and People as well as the money transfer service PayPal.

Internet users across the globe were hit throughout the day as 'several' massive cyber attacks hit a DNS service provider. This image shows problems reported with Level 3, a business service provider.

Internet users across the globe were hit throughout the day as ‘several’ massive cyber attacks hit a DNS service provider. This image shows problems reported with Level 3, a business service provider.

Earnest: Federal agencies investigating ‘malicious’ cyber attacks

Loaded: 0%
Progress: 0%
0:00
Previous
Play
Skip
Mute
Current Time0:00
/
Duration Time0:32
Fullscreen
Need Text

‘This has prevented some of our customers from being able to pay with PayPal in certain regions,’ said Paypal spokeswoman Amanda Miller.

‘PayPal was not attacked directly, nor were any of our core services to business impacted in the disruption.’

Pictured is a map from Down Detector of the first attack, which mostly affected the east coast of the US, and many services were restored in about two hours

Pictured are maps from Down Detector of the first two attacsk, the first of which mostly affected the east coast of the US, whilt the UK bore the brunt of the second after many services were restored in about two hours

 New Hampshire-based Dyn lists some of the world's biggest online brands among its customers

 New Hampshire-based Dyn lists some of the world’s biggest online brands among its customers

Amazon.com Inc’s web services division, one of the world’s biggest cloud computing companies, also disclosed an outage that lasted several hours on Friday morning.

Doug Madory, director of internet analysis at Dyn, told Reuters he was not sure if the outages at Dyn and Amazon were connected.

WHAT ARE DOMAIN NAME SERVERS USED FOR?

Anonymous in 2010 targeted the DNS provider EveryDNS as retribution for denying service to  WikiLeaks

Anonymous in 2010 targeted the DNS provider EveryDNS as retribution for denying service to WikiLeaks

Domain name servers are a crucial element of internet infrastructure, converting numbered Internet Protocol addresses into the domain names that allow users to connect to internet sites.

The loose-knit hacktivist network Anonymous in 2010 targeted the DNS provider EveryDNS among others in 2010 as retribution for denying service to the anti-secrecy organization WikiLeaks.

Though such attacks are not uncommon, Friday’s incident immediately unscored the interconnected vulnerabilities for large portions of the internet, with brand-name companies affected by an attack on a single company.

‘The internet continues to rely on protocols and infrastructure designed before cyber security was an issue,’ said Ben Johnson, a former engineer at the National Security Agency and founder of the cyber-security company Carbon Black.

‘We provide service to Amazon but theirs is a complex network so it is hard to be definitive about causality at the moment,’ he said.

Amazon could not immediately be reached for comment.

The two separate attacks can clearly be seen in this graph of crash reports for Twitter

The two separate attacks can clearly be seen in this graph of crash reports for Twitter

New Hampshire-based Dyn said its server infrastructure was hit by a distributed denial-of-service attack, which works by overwhelming targeted machines with malicious electronic traffic.

The level of disruption caused was hard to gauge, but Dyn provides internet traffic optimisation to some of the biggest names on the web.

‘This morning, October 21, Dyn received a global DDoS attack on our Managed DNS infrastructure in the east coast of the United States,’ said Scott Hilton, executive vice president for products at Dyn, in a statement.

Twitter reported multiple problems and is believed to have been hit by both attacks

Twitter reported multiple problems and is believed to have been hit by both attacks

The reports show two seperate attacks - with services coming back online before disappearing again for many users

The reports show two seperate attacks – with services coming back online before disappearing again for many users

‘DNS traffic resolved from east coast name server locations are experiencing a service degradation or intermittent interruption during this time,’ Hilton added.

‘We have been aggressively mitigating the DDoS attack against our infrastructure.’

A map shows the area where Spotify is affected. 'Starting at 11:10 UTC on October 21th-Friday 2016 we began monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure,' says a statement on the company's website

A map shows the area where Spotify is affected. ‘Starting at 11:10 UTC on October 21th-Friday 2016 we began monitoring and mitigating a DDoS attack against our Dyn Managed DNS infrastructure,’ says a statement on the company’s website

A chart shows Twitter outages over the last 24 hours with a huge peak later in the day

A chart shows Twitter outages over the last 24 hours with a huge peak later in the day

A number of major sites including Spotify are to be down in an internet outage. Internet infrastructure provider Dyn said this was due to an ongoing interruption of its network. Pictured is a chart of Spotify outages reported in the last 24 hours on Down Detector

A number of major sites including Spotify are to be down in an internet outage. Internet infrastructure provider Dyn said this was due to an ongoing interruption of its network. Pictured is a chart of Spotify outages reported in the last 24 hours on Down Detector

DDoS attacks are a primitive form of hacking using botnets – networks of computers that hackers bring under their control.

They do this by getting users to inadvertently download software, typically by following a link in an email or agreeing to download a corrupted file.

These botnets are then used to bombard the servers with simple requests for information carried out simultaneously, causing them to become overwhelmed and shut down.

Twitter users were quick to comment on the widespread outage. 'You know it's going to be a fun day when you wake up to a ton of alert emails saying everything is broken,' said one user

Twitter users were quick to comment on the widespread outage. ‘You know it’s going to be a fun day when you wake up to a ton of alert emails saying everything is broken,’ said one user

The attack, which started today, impacted websites hosted by the domain company DYN. According to the OCD Tech twitter account, there are 173,831 domains hosted on DYN name servers

The attack, which started today, impacted websites hosted by the domain company DYN. According to the OCD Tech twitter account, there are 173,831 domains hosted on DYN name servers

Reddit (pictured) was one of the websites affected by today's DDoS attack

Spotify (logo left) and Reddit (logo right) were two of the websites affected by today’s DDoS attack. Users in the UK have been mostly unaffected by the issue

Other Twitter users were annoyed about the inconvenience the Spotify outage caused for their ability to listen to music

Other Twitter users were annoyed about the inconvenience the Spotify outage caused for their ability to listen to music

The attack was first reported on website Hacker News, which named social media giant Twitter along with music service Spotify among a list of ‘sites down’.

‘O-M-G… Twitter is down.That’s what you may have heard many of your friends, family members and work colleagues saying today if they were based in the US and some other parts of the world,’ said Lee Munson, security researcher for Comparitech.com.

‘The reason being, online criminals have once again gone after a significant site with a DDoS attack.

‘Not Twitter, or other popular and equally affected sites such as Spotify, Reddit, Github and SoundCloud though, but rather DNS provider Dyn.

‘And that highlights a problem – any company running its own website may well have its own technology in place to mitigate DDoS attacks, but it’s all for nought if the DNS provider itself is not applying a sufficient enough level of protection to its own servers and data centres.’

Users in the UK were mostly unaffected by the issue.

WHO WAS HIT BY THE ATTACK? 
Thousands of sites were hit, including:
Twitter
Reddit
Spotify
Esty
Box
Wix Customer Sites
Squarespace Customer Sites
Zoho
CRM
Iheart.com (iHeartRadio)
Github
The Verge
Cleveland.com
hbonow.com
PayPal
Big cartel
Wired.com
People.com
Urbandictionary.com
Basecamp
ActBlue
Zendesk.com
Intercom
Twillo
Pinterest
Grubhub
Okta
Starbucks rewards/gift cards
Storify.com
CNN
Yammer
Playstation Network
Recode Business Insider
Guardian.co.uk
Weebly
Yelp

Commenting on this, Richard Meeus, VP technology EMEA at NSFOCUS, a DDoS mitigation company, said: ‘DNS has often been neglected in terms of its security and availability from an enterprise perspective – it is treated as if it will always be there in the same way that water comes out of the tap and electricity is there when you switch it on.

‘This attack highlights how critical DNS is to maintaining a stable and secure internet presence, and that the DDOS mitigation processes businesses have in place are just as relevant to their DNS service as it is to the web servers and datacentres.’

Reports suggest that some of the affected websites have since improved in reliability.

An FBI representative said she had no immediate comment on the outages.

Dyn is a Manchester, New Hampshire-based provider of Internet infrastructure services, including managing DNS activity that connects a user to a website’s servers.

Some Twitter users mocked the attacks. Someone named 'Gorman' created a Mean Girls meme (pictured) making fun of the widespread nature of the attack

Some Twitter users mocked the attacks. Someone named ‘Gorman’ created a Mean Girls meme (pictured) making fun of the widespread nature of the attack

Dyn is a Manchester, New Hampshire-based provider of Internet infrastructure services, including managing DNS activity that connects a user to a website's servers. Twitter users said it was 'shocking' how many websites were affected by the attack

Dyn is a Manchester, New Hampshire-based provider of Internet infrastructure services, including managing DNS activity that connects a user to a website’s servers. Twitter users said it was ‘shocking’ how many websites were affected by the attack

David Gibson, VP of strategy and market development at Varonis saidL ‘Like many of our aging technologies, DNS wasn’t built with security in mind.

‘Unfortunately, DNS is a foundation technology for the internet that allows people to connect to internet resources with human names rather than IP addresses (think of them as internet phone numbers), and when its vulnerabilities are exploited attackers can do a lot of damage – computers don’t know which ‘phone number’ to call when you want to connect to a particular site, like Hacker News.

‘DNS is one of the aging technologies the industry is struggling to update, along with one-factor authentication (password-only security), unencrypted web connections – the list is very long, and the stakes have never been higher.

‘Many people and organisations are affected by today’s attack and by the email and file (e.g. video) leaks over the past couple months.’

Read more: http://www.dailymail.co.uk/sciencetech/article-3859500/Widespread-internet-havoc-major-attack-takes-websites-offline-Spotify-Twitter-sites-suffer-outages.html#ixzz4NlR2zomB

Related Posts

Facebook Comments