Slashdot Mirror


Who Should We Blame For Friday's DDOS Attack? (fortune.com)

"Wondering which IoT device types are part of the Mirai botnet causing trouble today? Brian Krebs has the list," tweeted Trend Micro's Eric Skinner Friday, sharing an early October link which identifies Panasonic, Samsung and Xerox printers, and lesser known makers of routers and cameras. An anonymous reader quotes Fortune: Part of the responsibility should also lie with lawmakers and regulators, who have failed to create a safety system to account for the Internet-of-Things era we are now living in. Finally, it's time for consumers to acknowledge they have a role in the attack too. By failing to secure the internet-connected devices, they are endangering not just themselves but the rest of the Internet as well.
If you're worried, Motherboard is pointing people to an online scanning tool from BullGuard (a U.K. anti-virus firm) which checks whether devices on your home network are listed in the Shodan search engine for unsecured IoT devices. But earlier this month, Brian Krebs pointed out the situation is exacerbated by the failure of many ISPs to implement the BCP38 security standard to filter spoofed traffic, "allowing systems on their networks to be leveraged in large-scale DDoS attacks..."

2 of 190 comments

  1. The Usual Suspects by Fire_Wraith · Score: 4, Interesting

    So here we go through the pros and cons of each. This is not to rule any of them out, as I don't think you can at this point, but to lay it all out there.

    Hacktivists (Specifically New World Hackers):
    Pro - claimed responsibility. Anonymous/offshoots responsible for lots of past DDoS activity.
    Cons - Several security firms called BS on the evidence, and cited past history of false claims of responsibility to boost DDoS-for-hire business. Also the complexity and sophistication make this unlikely.

    Cybercriminals:
    Pro - probable originators of Mirai botnet, likely responsible for preceding DDoSes of Brian Krebs and OVH.
    Con - No stated ransom demands (at least none reported) or other identifiable material benefit. Lacks a direct reason.

    North Korea:
    Pro - Past history of DDoS and malware attacks. Never claims responsibility. Suffers nothing if the internet goes down.
    Cons - Attack only targeted the USA, not perennial NK targets of South Korea or Japan. If this was North Korea, why ignore those two?

    Russia:
    Pro - contacts/influence in Russian cybercrime community. Possible interest in interference in US politics.
    Con - No real rhyme or reason for doing so now. Widespread (as opposed to targeted) disruptions likely don't have any predictable impact on swaying the election.

    China:
    Pro - Reports that many of the infected devices were Chinese in origin.
    Con - China normally steals your business secrets rather than DDoS you. Chinese devices weren't the only ones, too - bad security is everywhere.

    US intelligence (NSA et al.):
    Pro - False flag?
    Con - NSA wants to listen in on your data, not shut you off from communicating. Unlikely that there is anyone who supports Wikileaks/Assange/Anonymous/etc that would change their minds over this.

    This is by no means a comprehensive list, just off the top of my head.

  2. Re:How do you secure the unsecurable? by ArmoredDragon · Score: 1, Interesting

    I think the best way to handle this is to make people somehow accountable when they participate in a DDoS, whether they do it willingly or not. Personally I think their internet access should be throttled to dialup speed for 60 days if they are conclusively found to be participating, and that 60 days starts over each time they're found participating. It will make them think twice about buying insecure shit.