FlashPoint: Historic DDoS Attacks the Work of Amateur Hackers

FlashPoint, a prominent business risk intelligence firm has concluded – in a primary analysis – that the massively disruptive DDoS attacks on DNS provider Dyn was the work of amateur hackers.

While some observers point the proverbial finger at state-sponsored hackers (Russia is a prime choice in the current political climate) as the perpetrators of last week’s crippling and unprecedented DDoS attacks against DNS provider Dyn, one firm has determined a far less malicious culprit. Business risk intelligence firm FlashPoint has claimed that the DDoS attacks were most likely instigated by script kiddies, the term used in the cybersecurity community for amateur hackers.

While one hacking group that calls itself ‘New World Hackers’ has taken credit for the DDoS attacks, FlashPoint states that such claims are most “likely to be false”.

One of the reasons for its analysis points to an interesting detail that came up during the course of its investigation – the infrastructure used in the attack also targeted a videogame company, a prominent one at that.

FlashPoint researchers wrote in their analysis:

While there does not appear to have been any disruption of service, the targeting of a video game company is less indicative of hacktivists, state-actors, or social justice communities, and aligns more with the hackers that frequent online hacking forums.

Furthermore, the firm also determined that the attacks had no basis for financial or political motivations due to the wide scope of the targeted and disrupted websites. Evidently, there were no attempts for extortion either.

Meanwhile, an internal Dyn investigation following the attacks concluded that swarms of internet traffic was borne out of the Mirai malware which, in turn, whipped up a botnet of hacked DVRs and webcams to inundate Dyn with internet traffic.

The theory of script kiddies being the instigators of the attacks has found support from members of the cybersecurity community. Mikko Hypponen, chief research officer at security firm F-Secure believes FlashPoint to be right in this regard, adding in an interview with TechCrunch:

I don’t believe the Friday attackers were financially or politically motivated. It was such an untargeted attack, it’s hard to find a good motive for it. So: kids.

Image credit: Pixabay.