Wikipedia, World of Warcraft Downed By Weekend DDoS Attacks

This article discusses yet another series of DDOS attacks targeting well known websites.  Based on the article, these DDOS attacks are an example of a hacking group trying to validate skills and work toward larger attacks which will in turn inspire other attacks against new targets by other new hacking groups.  This is a systemic problem that will continue to grow and plague businesses and organizations worldwide.

It is important to consider the potential damage that can be caused by a DDOS attack and how your organization would remediate or mitigate such an attack.


These types of attacks are only going to get more frequent and more disruptive.  Important question to consider – is DDOS mitigation part of your core incident response plan?  Is it a component of your evaluation process when negotiating with vendors for services?

Lawmakers Asking What ISPs Can Do About DDoS Attacks

This is an intriguing step by Senator Warner, and it poses several follow up questions.  I am personally unsure how an ISP can govern the devices on the inside of any user’s home router or firewall.  Obviously, from a technical perspective, certain outbound traffic from a home can be filtered, but it would be very difficult to determine the configuration or firmware version of the source device.

ISP’s, however, are capable of assisting in the fight against DOS and DDOS attacks, depending on the architecture of their infrastructure and the investments they are willing to make to build dynamic solutions for routing and “blackholing” malicious traffic.

I am glad to see this debate coming to the forefront and receiving some well-deserved attention.  The answers, however, are not quite as clear as we would like them to be.

Mirai-Fueled IoT Botnet Behind DDoS Attacks on DNS Providers

This info concerning the Dyn attack was to be expected.  Attacks associated with large IoT botnet farms are only going to increase in the immediate future given the effectiveness demonstrated in the DDOS attack against Brian Krebs.  For the foreseeable future, this will be a defensive struggle simply because patching options for the IoT devices in question are largely non-existent.

We Need to Save the Internet from the Internet of Things

This is a very straight-forward and timely article by Bruce Schneier concerning the Internet of Things, framed in the light of the attack against Brian Krebs.  There are no simple solutions to this problem, this threat, but it is a threat that should be addressed and the solution or solutions will take time.  We need to starting working diligently.