Massive DDOS Attacks Are Now Targeting Google, Amazon, and the NRA

PC Magazine reports: A new way to amplify DDoS attacks has been spotted harassing Google, Amazon, Pornhub and even the National Rifle Association's main website after striking Github last week. The attacks, which exploit vulnerable "memcached servers," have been trying to hose down scores of new targets with a flood of internet traffic, according to Chinese security firm Qihoo 360... Github was the first high-profile victim and suffered a 1.35 Tbps assault -- or what was then the biggest DDoS attack on record. But days later, an unnamed U.S. service provider fended off a separate assault, which measured at 1.7 Tbps. Unfortunately, the amplified DDoS attacks haven't stopped. They've gone on to strike over 7,000 unique IP addresses in the last seven days, Qihoo 360 said in a blog post... Gaming sites including Rockstargames.com, Minecraft.net, and Playstation.net have been among those hit...

The security community is also steadily addressing the linchpin to all the assaults: the vulnerable memcached servers. About 100,000 of these online storage systems were publicly exposed over a week ago. But the server owners have since patched or firewalled about 60,000 of them, Radware security researcher Daniel Smith said. That leaves 40,000 servers open to exploitation. Smith points to how the coding behind the attack technique has started to circulate online through free tools and scripts.
Meanwhile, Slashdot reader darthcamaro shares an article about "the so-call 'kill switch'" that some vendors have been debating: "The 'kill switch' was immediately obvious to everyone who worked on mitigating this DDoS attack," John Graham-Cumming, CTO of CloudFlare said. "We chose not to use or test this method because it would be unethical and likely illegal since it alters the state of a remote machine without authorization."

Wide-open memcached servers

There are enough moron administrators on the planet to make memcached ddos possible.
Jesus wept.

Re:NRA

[PolygamousRanchKid+]

Why would anyone target The NRA? Seems really suspicious.

It stokes up conflict among the pro-Second Amendment camps and ant-Second Amendment camps internally in the USA, and generally weakens democracy there. The right will blame it on the left, and they will all get into a massive huff over it.

International shits & giggles.

Why would anyone target Amazon, Google or Pornhub . . . ?

Why not, if someone else is footing the bill to disrupt the Internet.

Now who could that someone be . . . ?

I can see ignoring option before, but after time?

[SuperKendall]

That's great they managed to patch 60k out of 100k vulnerable systems...

But as the rest of the systems continue to degrade the internet - at some point don't you have to say, for the public good these servers have to be shut down externally?

It's fine and dandy to say it's not justified to disable someone else's system that is unknowingly taking part in an attack. But that ignores that all companies and people that put systems on the internet have a responsibility to monitor and keep them up to date, and if they abuse that responsibility they lose the right to complain about external kill switches being activated.

It seems like after some time if you cannot get people to be responsible, you do what you have to and maybe next time they will be more proactive about fixes.