【】

On Friday, a massive distributed denial of services attack (DDoS) knocked out access to a number of major websites. Although the incident appeared to target the U.S., its effects rippled out internationally.
While facts are still emerging, it seems the attack centred on Dyn, a domain name systems (DNS) provider that essentially acts like a phone book for major sites such as Twitter, Amazon, Tumblr, Reddit and Spotify.
The DDoS attack aimed a firehouse of traffic at the company, apparently making use of millions of insecure internet-connected devices like baby monitors, digital video recorders and smart fridges, rendering it unusable.
What's worse, all those Internet of Things (IoT) devices could have been located anywhere, including Australia.
SEE ALSO:Why hackers choose DDoS attacksAccording to a statement from Dyn's chief strategy officer Kyle York, the initial attack mainly impacted internet users on the East Coast of the U.S., however a second wave "was more global in nature."
There were reports of users unable to access sites in Europe, and according to the digital performance monitoring company Dynatrace, Australian sites affected included banks such as ANZ and Westpac, and supermarkets Coles and Woolworths, among others.
A Westpac spokesperson toldMashablethe company "did not experience any service impact." ANZ, Coles and Woolworths have been contacted by Mashablefor comment on Dynatrace's report.
"It also looks like Australia was impacted by all three of the US attacks," Dave Anderson, data expert at Dynatrace, told Mashablein an email.
"While not as severe as the US, Australian sites were definitely experiencing performance problems as a result of the DDoS attacks overnight. Of the sites we've monitored, we can see that the average DNS connect time spiked to about 8 seconds, when normally it would average 3 milliseconds."
Dyn opened a Sydney office in 2014 and has also been contacted by Mashablefor comment.
While he couldn't comment on the impact of the DDos attack in Australia, Liviu Arsene, senior analyst at internet security software company Bitdefender, told Mashableany type of internet infrastructure, regardless of its location, could be vulnerable to a similar attack.
"Why? It's pretty simple. You can use that massive botnet to disrupt anything," he explained. "We are so interconnected ... You can target two or three or four hubs, and you can really paralyse the global internet infrastructure, and that will cause a serious outage."
"It's pretty simple. You can use that massive botnet to disrupt anything."
Michael Sentonas, vice president of technology strategy at CrowdStrike, said Friday's event certainly had potential flow-on effects for online platforms around the world.
In the future, Australia can't count itself out as a target. "You can point fake junk traffic at any type of online target," he said. "There's no reason this could not be targeted at infrastructure in this part of the world."
So far, there has not been an incident on such a significant scale in Australia, although he suggested we saw a classic DDoS event as users tried to logon to complete the 2016 Census, an incident that allegedly cost Australian taxpayers A$30 million ($22.78 million).
After Friday, some experts have called for regulators to get involved and ensure smart devices with little or no security can't be turned into some sort of DDoS zombie army.
Sentonas suggested a balance must be found between IoT innovation and ensuring people aren't building insecure products. "Some of them don't have any capability to be updated and secured in an easy fashion," he pointed out. "That needs to change for obvious reasons."
"Something has to happen," he added. "We can't have a situation where devices with factory settings can be used to do what we saw on the weekend."
At the very least, consider this a PSA: If you own a smart fridge or baby monitor, change your password (if the manufacturer was smart enough to give you that option).
"I would recommend for the average user who has internet connected devices, is at least make sure they have the latest security update. At least make sure you change the default password," Arsene said. "We need to all make sure these smart devices cannot be used to disrupt services."
相关文章
Here's what 'Game of Thrones' actors get up to between takes
Warning: Contains some mild Season 6 spoilers right at the end (the video is spoiler-free). 。LONDON -2025-04-24UK data regulator tells Cambridge Analytica to hand over user's data, or else
The UK's data regulator is not letting Cambridge Analytica get off scot-free. 。 The Information Commi2025-04-24Just a bunch of books we really love and think you should love too
There's a funny thing that happens when you tell someone you write about books. Almost always, they2025-04-24Adam Rippon and US Olympic stars skip White House meeting with Trump
Imagine becoming one of the most celebrated athletes in the world. Now imagine that the reward for y2025-04-24Nancy Pelosi warns colleagues after info hacked
House Minority Leader Nancy Pelosi warned fellow Democrats on Saturday to change their cellphone num2025-04-24UNICEF turns to cryptocurrency mining for fundraising
Taking control of one's browser to mine cryptocurrency has a somewhat of a negative connotation, but2025-04-24
最新评论