FBI Warns Internet Online Attacks on Private Industry Will Continue
November 08 2016 - 2:00AM
Dow Jones News
Online attacks launched from thousands of connected devices,
such as one that disabled parts of the internet in October, are
here to stay, the Federal Bureau of Investigation is warning.
"The exploitation of the 'Internet of Things' (IOT) to conduct
small-to-large scale attacks on the private industry will very
likely continue," the FBI wrote in an Oct. 26 bulletin to private
companies. A person familiar with the matter said a version of the
bulletin that appeared on the internet Friday was authentic.
In a statement, an FBI spokeswoman said, "In furtherance of
public-private partnerships, the FBI routinely advises private
industry of various cyberthreat indicators observed during the
course of our investigations. This data is provided in order to
help systems administrators guard against the actions of persistent
cybercriminals."
The FBI issued the bulletin five days after hackers used a
network—called Mirai—of internet-connected devices including
cameras and digital-video recorders to launch an attack on internet
service provider Dynamic Network Services Inc., known as Dyn. The
Oct. 21 attack left more than 1,200 websites unreachable for some,
disrupting companies such as Twitter Inc., Netflix Inc. and The
Wall Street Journal.
The nation's top law-enforcement agency said more attacks are
likely because Mirai's source code is public, allowing anyone with
technical expertise to set up his own "botnet" of hacked computers.
Researchers say other hackers over the past few weeks have used the
Mirai code to launch daily small- scale attacks, typically against
gaming websites or rivals.
The botnet takes control of consumer devices and reprograms them
to bombard victims with billions of bytes of unwanted data, a
technique known as a distributed denial of service, or DDoS,
attack.
Before the Dyn attack, Mirai had also attacked computer-security
blogger Brian Krebs and French web hosting provider OVH, and there
is now speculation that it could be used to launch attacks on
Tuesday, disrupting the U.S. election.
U.S. authorities have linked Russia to a continuing campaign to
disrupt Tuesday's election, but Russia hasn't been linked to the
Mirai botnet. Director of National Intelligence James Clapper said
Oct. 25 it didn't appear foreign governments were behind the Mirai
attack.
The "FBI does not have any confirmation of a group or
individuals responsible for the [Dyn] DDoS," the FBI's bulletin
states. It doesn't mention the upcoming election.
One researcher, who has been following the development of the
Mirai botnet, downplayed the possibility of an Election Day attack,
noting U.S. elections are administered by thousands of state and
local agencies, making them a tough target.
"There's no central infrastructure associated with the
elections," said Allison Nixon, a researcher with internet-security
firm Flashpoint. "So there are a lot of unknowns. I don't think
people should get too excited about the DDoS aspect of this."
Write to Robert McMillan at Robert.Mcmillan@wsj.com
(END) Dow Jones Newswires
November 08, 2016 01:45 ET (06:45 GMT)
Copyright (c) 2016 Dow Jones & Company, Inc.
Netflix (NASDAQ:NFLX)
Historical Stock Chart
From Mar 2024 to Apr 2024
Netflix (NASDAQ:NFLX)
Historical Stock Chart
From Apr 2023 to Apr 2024