October 26, 2016 by

FlashPoint: Historic DDoS Attacks the Work of Amateur Hackers

FlashPoint, a prominent business risk intelligence firm has concluded – in a primary analysis – that the massively disruptive DDoS attacks on DNS provider Dyn was the work of amateur hackers.

While some observers point the proverbial finger at state-sponsored hackers (Russia is a prime choice in the current political climate) as the perpetrators of last week’s crippling and unprecedented DDoS attacks against DNS provider Dyn, one firm has determined a far less malicious culprit. Business risk intelligence firm FlashPoint has claimed that the DDoS attacks were most likely instigated by script kiddies, the term used in the cybersecurity community for amateur hackers.

While one hacking group that calls itself ‘New World Hackers’ has taken credit for the DDoS attacks, FlashPoint states that such claims are most “likely to be false”.

One of the reasons for its analysis points to an interesting detail that came up during the course of its investigation – the infrastructure used in the attack also targeted a videogame company, a prominent one at that.

FlashPoint researchers wrote in their analysis:

While there does not appear to have been any disruption of service, the targeting of a video game company is less indicative of hacktivists, state-actors, or social justice communities, and aligns more with the hackers that frequent online hacking forums.

Furthermore, the firm also determined that the attacks had no basis for financial or political motivations due to the wide scope of the targeted and disrupted websites. Evidently, there were no attempts for extortion either.

Meanwhile, an internal Dyn investigation following the attacks concluded that swarms of internet traffic was borne out of the Mirai malware which, in turn, whipped up a botnet of hacked DVRs and webcams to inundate Dyn with internet traffic.

The theory of script kiddies being the instigators of the attacks has found support from members of the cybersecurity community. Mikko Hypponen, chief research officer at security firm F-Secure believes FlashPoint to be right in this regard, adding in an interview with TechCrunch:

I don’t believe the Friday attackers were financially or politically motivated. It was such an untargeted attack, it’s hard to find a good motive for it. So: kids.

Image credit: Pixabay.

About the author

Image of Author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagements experience while providing a strategic and integrated array of services to minimum risk and disruption while protecting your brand.

Related articles

DDoS Attack Takes Down UK National Lottery Website

The UK National Lottery’s website and its associated mobile applications were knocked offline by...

Read more arrow_forward

DDoS Attacks Double with Corporate Data Under Threat

DDoS attacks are on the rise in 2017 with a third of all organizations facing at least one DDoS...

Read more arrow_forward

Lisa Bock on A New Twist on Ransomware - Internal DDoS

Lisa Bock is an associate professor of information technology at Pennsylvania College of Technology...

Read more arrow_forward