I just tried to access my Paypal account, and apparently it is down.
Companies including Twitter, Netflix, PayPal and eBay appeared to have their websites broken. And other services like PlayStation Network appeared to be hit by a major outage:
Update: Internet service appears to stablize after waves of cyber attacks
(Score: 0) by Anonymous Coward on Saturday October 22 2016, @03:59AM
> Do you have any idea how much proper security would cost?
Infinite dollars.
I am not kidding. It is the same old problem with internet security - the attackers only have to succeed once, the defenders have to succeed every time.
This particular IoT based attack is just the low hanging fruit because the vendors were super lazy. So they tighten things up, all that does is raise the cost to crack. The value of a botnet of IoT devices is enormous. So cracks will eventually be discovered. The most well funded crackers will develop exploits the fastest. But as time passes even the lone kid in his mother's basement will figure out an exploit, if for no other reason than vendors eventually go bankrupt but their IoT products will continue to live on the net and thus will stop receiving security patches. Look at this 12-year old sshd exploit [thehackernews.com] that 2 million IoT devices are vulnerable too. 12 years old.
I think the only way we have a chance of controlling IoT exploits is to route all of their traffic through a monitoring system. Instead of talking directly to the internet, their internet access is through a managed VPN that actively watches for and blocks exploits. So even obsolete devices would still be actively protected by a system that is up to date. Having visibility into millions of devices will make it easier to detect unusual patterns so even zero-day exploits won't last very long once they get significant usage.
(Score: 0) by Anonymous Coward on Saturday October 22 2016, @06:06AM
https://soylentnews.org/article.pl?sid=16/10/21/0544236 [soylentnews.org]
There will be no 'tightening up'. There will be no special firewalls or VPNs. It is going to get wildly worse. For a few we will figure it out and it 'wont happen to us' but everyone else will not really give a fuck.