Massive DDOS Attacks Are Now Targeting Google, Amazon, and the NRA

PC Magazine reports: A new way to amplify DDoS attacks has been spotted harassing Google, Amazon, Pornhub and even the National Rifle Association's main website after striking Github last week. The attacks, which exploit vulnerable "memcached servers," have been trying to hose down scores of new targets with a flood of internet traffic, according to Chinese security firm Qihoo 360... Github was the first high-profile victim and suffered a 1.35 Tbps assault -- or what was then the biggest DDoS attack on record. But days later, an unnamed U.S. service provider fended off a separate assault, which measured at 1.7 Tbps. Unfortunately, the amplified DDoS attacks haven't stopped. They've gone on to strike over 7,000 unique IP addresses in the last seven days, Qihoo 360 said in a blog post... Gaming sites including Rockstargames.com, Minecraft.net, and Playstation.net have been among those hit...

The security community is also steadily addressing the linchpin to all the assaults: the vulnerable memcached servers. About 100,000 of these online storage systems were publicly exposed over a week ago. But the server owners have since patched or firewalled about 60,000 of them, Radware security researcher Daniel Smith said. That leaves 40,000 servers open to exploitation. Smith points to how the coding behind the attack technique has started to circulate online through free tools and scripts.
Meanwhile, Slashdot reader darthcamaro shares an article about "the so-call 'kill switch'" that some vendors have been debating: "The 'kill switch' was immediately obvious to everyone who worked on mitigating this DDoS attack," John Graham-Cumming, CTO of CloudFlare said. "We chose not to use or test this method because it would be unethical and likely illegal since it alters the state of a remote machine without authorization."

Part of the Problem?

[Toad-san]

You then deserve what you get.

"Meanwhile, Slashdot reader darthcamaro shares an article about "the so-call 'kill switch'" that some vendors have been debating:
"The 'kill switch' was immediately obvious to everyone who worked on mitigating this DDoS attack," John Graham-Cumming, CTO of CloudFlare said. "We chose not to use or test this method because it would be unethical and likely illegal since it alters the state of a remote machine without authorization.""

Unethical my ass. Turn those suckers off.

We need more Security by Design

[Aethedor]

We need more software that are secure by design. There is no reason to have a tool like memcached available for the entire internet. The memcached developers should have made it listen to localhost only by default. The setting to make it listen to other interfaces should be well explained in the manual, with all the risks and are-you-sure-you-want-this warnings.

ALL

[Noishkel]

Well that's because the NRA is OBVIOUSLY responsible for EVERY SINGLE shooting that happens. Just like every Cloud Flair is responsible for every act of piracy that happens, Ford is responsible for every car crash, pharmaceutical manufacturers are responsible for every single OD, every single Mullah is responsible for every act of Islamist terror, and every single white male is reasonable for pretty much everything.

It's the [Current Year] and no one has any time for reasonable discussion. Just ban everything and you're a racist for not knowing this already.

Re:ALL

The reason the NRA is targeted is not because they are responsible for the massive slaughters we've seen lately, but unlike the other groups you mention they actively oppose ANY EFFORT TO FIX THE PROBLEM. As a matter of fact, they think the answer to the problem is more guns. This is basically like pharmaceutical companies telling you that the answer to opioid abuse is to try to get more opioids on the market to bring the prices down. If you're STILL having some cognitive dissonance here, you should try watching this.

Re: ALL

When the media stopped mentioning suicides in the news in the 1980s, they plummeted significantly.

The media turns the shooters into celebrities, from giving biographies about Cruz, to reading his manifesto, to fawning over the Smith & Wesson M&P 15 that he used for his massacre, to mentioning him as a red-carpet celebrity constantly, above all other news for weeks on end. What does this give kids who are already coked to the gills on Prozac or an anti-depressant, who are kicked around, and normally would be suicidal? Yep, they realize they will get adulation and praise like they are a war hero, go find themselves a firearm, by hook or crook, and go take out who they think are the bad guys, committing suicide by cop... because the press will give them their 15 minutes and a score, for other shooters after that to beat.

Of course, we will get the "assault weapons" ban. It won't stop anything. If an AR isn't available, a Mini 14 will be. If semi auto rifles are not available, then there are shotguns. If semi auto shotguns are banned, a sawed off pump. If all guns magically are banned, someone will drive a pickup truck into the school. The fact is, the press turns the murderers into celebrities, rolling out the red carpet, to the point where they will pay the criminal defense teams if the killer writes a book and sells it.

Stop turning these fuckheads into war veterans, and we will see the mass homicides go down. Gun bans are not going to stop it.

Re: ALL

[ScentCone]

Maryland, likewise, as some of the toughest gun laws in the country. The city of Baltimore further tightens those, making gun ownership there extremely difficult. And yet, Baltimore is now the murder capital of the country. And ... shockingly, the overwhelming majority of those crimes are committed with: guns possessed by people not legally allowed to own them, guns which were procured usually through theft or fraud. Meanwhile, just miles away in almost every direction, guns are substantially easier to get and carry legally, are owned by FAR more people, and the rates (and hard numbers) of crimes involving guns are a small fraction of what they are in Baltimore. Why? Because criminals in Baltimore face very little in the way of consequence for being career criminals.

Shouldn't the rest of the nation be the same?

No. Because all of the places that most tighten down such laws see increases in murder and other crime. But nationally, such crime has been in a steady decline for thirty years, even as gun ownership has jumped by millions. Your narrative is exactly, precisely backwards.

Re:ALL

[LaughingRadish]

The reason the NRA is targeted is not because they are responsible for the massive slaughters we've seen lately, but unlike the other groups you mention they actively oppose ANY EFFORT TO FIX THE PROBLEM. As a matter of fact, they think the answer to the problem is more guns. This is basically like pharmaceutical companies telling you that the answer to opioid abuse is to try to get more opioids on the market to bring the prices down. If you're STILL having some cognitive dissonance here, you should try watching this.

Here's a slight but very significant correction: The NRA actively opposes ineffective and counter-productive efforts to fix the problem. The talking heads either can't or won't offer any rational justification for gun control, so they resort to name-calling.

Re:NRA

[BeerCat]

Why would anyone target The NRA? Seems really suspicious.

Maybe because they oppose net neutrality?
https://www.reuters.com/articl...

Re: NRA

Howdy, brownshirted thug! Nice boots you have on!