Hack tests web defenses
Cyberattacks on key internet firms disrupt services nationwide.
Withering cyberattacks on server farms of a key internet firm repeatedly disrupted access to major websites and online services, including Twitter, Netflix and PayPal, across the United States on Friday. The White House called the disruption malicious, and a hacker group claimed responsibility, although its assertion couldn’t be verified.
Manchester, N.H.-based Dyn Inc. said its data centers were hit by three waves of distributed denial-of-service attacks, which overwhelm targeted machines with junk-data traffic. The attacks, shifting geographically, had knock-on effects for users trying to access popular websites across the U.S. and even in Europe.
“The complexity of the attacks is what is making it so difficult for us,” said Kyle York, the company’s chief strategy officer. “What they are actually doing is moving around the world with each attack.” He said an East Coast data center was hit first; attacks on an offshore target followed later.
The data flood came from tens of millions of internet-connected machines, including increasingly popular but highly insecure household devices such as webconnected cameras. It was an onslaught whose global shifts suggested a sophisticated attacker, although Dyn said it had neither suspect nor motive.
The level of disruption was difficult to gauge, but Dyn serves some of the biggest names on the web, providing the domain name services that translate the numerical internet addresses into human-readable destinations such
as “twitter.com.”
Steve Grobman, chief technology officer at Intel Security, compared an outage at a domain-name services company to tearing up a map or turning off GPS before driving to the department store. “It doesn’t matter that the store is fully open or operational if you have no idea how to get there,” he said.
Jason Read, founder of the internet performance monitoring firm CloudHarmony, said his company tracked a half-hour disruption early Friday in which roughly one in two end users would have found it impossible to access various websites from the East Coast.
“We’ve been monitoring Dyn for years, and this is by far the worst outage event that we’ve observed,” said Read.
Dyn provides services to 6 percent of America’s Fortune 500 companies, he said. A full list of affected companies wasn’t immediately available, but Twitter, Netflix, PayPal and the coder hangout Github said they experienced problems.
Hackers’ claim
Members of a shadowy collective that calls itself New World Hackers claimed responsibility via Twitter. They said they organized networks of connected “zombie” computers called botnets that threw a staggering 1.2 terabits per second of data at the Dyn-managed servers.
“We didn’t do this to attract federal agents, only test power,” two collective members who identified themselves as “Prophet” and “Zain” told an Associated Press reporter via a Twitter direct-message exchange. They said more than 10 members participated in the attack.
The collective — on Twitter, it’s @NewWorldHacking — has in the past claimed responsibility for similar attacks against sites, including ESPN.com in September and the BBC on Dec. 31. The attack on the BBC marshaled half the computing power of Friday’s onslaught.
The collective also has claimed responsibility for cyberattacks against the Islamic State terrorist group. The two said about 30 people have access to the @NewWorldHacking Twitter account. They claim 20 are in Russia and 10 in China. “Prophet” said he is in India. “Zain” said he is in China. The two claimed their actions were “good,” presumably because they highlighted internet security problems.
Another collective member the AP pre-
Indian bank authorities say 3.2 million debit cards hacked •
new delhi» Indian banks scrambled Friday to contain the damage after finding that more than 3.2 million debit cards may have been hacked.
Several banks, including the government-run State Bank of India, advised customers to change their personal identification numbers. The banks have recalled thousands of debit cards and blocked others that they fear have been hacked.
The breach is thought to have been caused by malware on an ATM network.
Finance Minister Arun Jaitely said Friday the government was investigating how the security breach occurred.
The National Payments Corporation of India that controls all retail payment systems in India said banks had received complaints from customers that their cards had been used fraudulently in China and the U.S. The NCPI has alerted banks that 3.2 million cards were affected. The Associated Press viously communicated with via direct message called himself “Ownz” and identified himself as a 19-year-old in London. He told the AP that he sought only to expose security vulnerabilities.
During the attack on the ESPN site, “Ownz” was asked if the collective made any demands on sites it attacked, such as demanding blackmail money. “We will make one demand actually. Secure your website and get better servers. Otherwise, be attacked again,” he said.
Vulnerability
For James Norton, the former deputy secretary at the Department of Homeland Security who now teaches on cybersecurity policy at Johns Hopkins University, the incident was an example of how attacks on key junctures in the network can yield massive disruption.
“I think you can see how fragile the internet network actually is,” he said.
In a widely shared essay titled “Someone Is Learning How to Take Down the Internet,” respected security expert Bruce Schneier last month said major internet infrastructure companies were seeing a series of worrying denial-of-service attacks.
“Someone is extensively testing the core defensive capabilities of the companies that provide critical internet services,” he said.