勁呵, 將來愈多電器上網, 可以用來攻摯的工具會愈多 !
www.zerohedge.comLast Friday many Americans woke up to extremely slow or nonexistent internet services after a cyber attack "of unknown origin" on DNS service provider DYN took down much of the internet in the North East. As the day wore on, the attack spread across the country taking out numerous large websites including Twitter, Spotify, Reddit, eBay and the New York Times (we wrote about it here: "DNS Cyber Attack Returns As Northeast Internet Traffic Grinds To A Crawl For Second Time").
Some immediately accused Putin of taking down the US internet in retaliation for accusations of cyber attacks on the Democratic party and Hillary Clinton, although there was no official statement from the US.
Now, while the origin of the attack is still unknown (even though we're sure that Hillary's "17 intelligence agencies" have their suspicions), we're getting a better idea of how the attack was executed. According to Bloomberg, Internet-connected CCTV cameras made by a Chinese firm, Hangzhou Xiongmai Technology Co., were infected with malware that allowed hackers to takeover "tens of millions" of devices to launch the distributed denial-of-service (DDoS) attacks.
A Chinese security camera maker said its products were used to launch a cyber-attack that severed internet access for millions of users, highlighting the threat posed by the global proliferation of connected devices.
The attackers hijacked CCTV cameras made by Hangzhou Xiongmai Technology Co. using malware known as Mirai, the company said in an e-mailed statement. While Xiongmai didn’t say how many of its products had been infiltrated, all cameras made before September 2015 were potentially vulnerable.
The attack, which took down sites including Twitter, Spotify and CNN for long stretches, underscored how hackers can marshal an increasing number of online gadgets, collectively known as the Internet of Things, to disrupt the internet on an unprecedented scale.
“Mirai is a huge disaster for the Internet of Things. XM have to admit that our products also suffered from hacker’s break-in and illegal use," Xiongmai said in its e-mail.
Security professionals have anticipated an increase in attacks from malware that target connected gadgets. In Friday’s instance, hackers launched a distributed denial-of-service (DDoS) attack using tens of millions of malware-infected devices connected to the internet, according to Kyle York, Dyn’s chief strategy officer.
Seems the "internet of things" has it's downsides.
on.cc東網專訊
【on.cc東網專訊】 美國網絡效能管理公司Dyn系統上周五遭黑客攻擊,引發外國多個知名網站陷入癱瘓。美國國土安全部表明要提升「物聯網」(internet of things)的安全保障。中國兩間杭州企業杭州雄邁與浙江大華所生產的網絡攝影機,被點名批評旗下產品導致這次攻擊。目前,杭州雄邁將在美國召回去年4月前售出數百萬個網絡攝影機。
美國國土安全部部長約翰遜表示,針對Dyn的攻擊是由Mirai惡意程序執行,這種病毒專門針對網絡攝影機、連線互聯網的娛樂系統等物聯網設備。黑客透過Mirai控制視像鏡頭等設備後,策動分佈式阻斷服務攻擊(DDoS),通過給攻擊目標注入大量垃圾訊息,導致該網站或伺服器崩潰,令Twitter、PayPal與Spotify等Dyn公司的知名客戶服務中斷。
被點名批評的兩間中國企業,均承諾修復安全漏洞,但同時批評媒體抹黑。杭州雄邁宣布在美國召回部分產品,表示「我們必須承認,我們的產品被黑客攻破,並被非法利用。」惟該公司強調回收產品屬「社會責任」,認為大部分責任是由於用戶不更改默認密碼產生。浙江大華則表示,將為被指受攻擊威脅的網絡攝影機與錄影機提供軟件更新和換置新型號的折扣優惠。
難怪咁慢, CCTV要用好大 BRANDWIDTH
回覆刪除