Dyn DNS DDoS Likely The Work of Script Kiddies, Says FlashPoint

While nobody knows exactly who was responsible for the internet outrage last Friday, business risk intelligence firm FlashPoint released a preliminary analysis of the attack agains Dyn DNS, and found that it was likely the work of "script kiddies" or amateur hackers -- as opposed to state-sponsored actors. TechCrunch reports: Aside from suspicion falling on Russia, various entities have also claimed or implied responsibility for the attack, including a hacking group called the New World Hackers and -- bizarrely -- WikiLeaks, which put a (perhaps joke) tweet suggesting some of its supporters might be involved. FlashPoint dubs these claims "dubious" and "likely to be false," and instead comes down on the side of the script kidding theory. Its reasoning is based on a few factors, including a detail it unearthed during its investigation of the attack: namely that the infrastructure used in the attack also targeted a well-known video game company. The attack on Dyn DNS was powered in part by a botnet of hacked DVRs and webcams known as Mirai. The source code for the malware that controls this botnet was put on Github earlier this month. And FlashPoint also notes that the hacker who released Mirai is known to frequent a hacking forum called hackforums[.]net. That circumstantial evidence points to a link between the attack and users and readers of the English-language hacking community, with FlashPoint also noting the forum has been known to target video games companies. It says it has "moderate confidence" about this theory. The firm also argues that the attacks do not seem to have been financially or politically motivated -- given the broad scope of the targets, and the lack of any attempts to extort money. Which just leaves the most likely being motivation to show off skills and disrupt stuff. Aka, script kiddies.

Yikes

[stabiesoft]

If script kiddies can bring down top tier names on the web, imagine what state actors could do.

Lies, DamnLies and Statistics

[sdinfoserv]

If it's true that "script kiddies" took out 1/2 the US internet, trillions of dollars in transactions hang on a perilously delicate thread.
If security of IoT is that poor, companies that produce them need to be held legally and financially responsible for any loss.

Definitely script kiddies

[Dan+East]

Of course it was script kiddies. Why in the world would any state-sponsored group show their hand and blow a single-use resource (the IoT botnet) to accomplish... absolutely nothing at all. Taking down some of the internet for part of a day at a totally non-strategic point in time, with totally non-strategic targets, isn't something any state would do randomly just for fun. This attack was large enough that it triggered many actions to prevent it from happening again. You have Chinese IoT chipset manufacturers doing recalls and patching their code. Pressure is being put on ISPs to help filter these kinds of attacks (it is quite obvious when some large percentage of your customers start engaging in some very abnormal network behavior all at the exact same time). Online providers like Dyn are learning and coming up with ways to prevent future attacks on their end. The only thing the attack accomplished was awareness. No state sponsored organization would have wasted their offensive attack resources like this.