[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Spitballing IoT Security

Subject: Spitballing IoT Security
From: rdobbins at arbor.net (Roland Dobbins)
Date: Fri, 2 Dec 2016 18:28:51 +0700
In-reply-to: <[email protected]>
References: <[email protected]>

On 30 Oct 2016, at 7:32, Ronald F. Guilmette wrote:

>  you don't need to be either an omnious "state actor" or even SPECTER 
> to assemble a truly massive packet weapon.

I agree:

<https://www.arbornetworks.com/blog/asert/how-to-become-an-internet-supervillain-in-three-easy-steps/>

;>

> Two kids with a modest amount of knowledge and a lot of time on their 
> hands can do it from their mom's basement.

And indeed have done so, many times.

The *entire purpose* of Mirai is DDoS-for-hire - it's a foundation for 
so-called 'booter/stresser' services.  So, the various  articles about 
how these botnets 'might' be for sale are uninformed - they're *for 
rent*, that's their raison d'?tre.

And renting them is cheap.  The economic and resource asymmetries highly 
favor the attackers.

All the speculation about how 'state actors' are somehow 'learning how 
to take down the Internet' is equally uninformed.  State actors already 
know how to do this, they don't need to 'learn' or 'test' anything.

DDoS attacks are the Great Equalizer; when it comes to DDoS, 
nation-states are just another player.

-----------------------------------
Roland Dobbins <rdobbins at arbor.net>

Prev by Date: [nanog] Re: Avalanche botnet takedown
Next by Date: Avalanche botnet takedown
Previous by thread: Avalanche / domains / registrars & registries
Next by thread: Forwarding issues related to MACs starting with a 4 or a 6 (Was: [c-nsp] Wierd MPLS/VPLS issue)
Index(es):
- Date
- Thread