Oct 28, 2016

DoS and DDoS

These letters mean Denial of Service and Distributed Denial of Service. They are important, because last Friday was not so happy for people trying to get into Amazon, Twitter, GitHub, Heroku, Paypal, Etsy, Spotify, Soundcloud, Reddit, Crunchbase, Netflix, BBC, CNN, The New York Times, HBO Now, Elder Scrolls online, Yelp, Freshbooks, various Squarespace sites, Pinterest, Twilio, NHL.com, Quora, Business Insider, Zillow, Box, tableau, GrubHub, Overstock, Walgreens, Ruby Lane, Pixlr,  PicMonkey, Ticketfly, and ironically, outageanalyzer - plus more.


DDoS originate when multiple compromised devices or systems are used to target a single computer system. Victims of a DDoS attack are both the end targeted system and all systems maliciously controlled by hackers in the distributed attack. The incoming traffic flooding the victim originates from potentially hundreds of thousands to many millions of devices, including PCs, cameras, DVRs, and many smart devices, such as thermostats, etc. The wave of outages move from the East coast of the US to the West coast as the day progressed. It was reported that 145 thousand security cameras among other devices were part of the attackers causing the outages.


Incidentally, a way you can prevent your devices from being part of the problem is easily solved by changing the default password. Unfortunately many connected devices, such as thermostats, refrigerators, etc. do not provide a means to change the default password. Caveat Emptor.