The nation’s top intelligence official on Tuesday said state-sponsored hackers likely weren’t behind the distributed denial-of-service (DDoS) attacks that disrupted internet access across the United States last week.
Weighing in on the outages during an event at the Council on Foreign Relations in Washington, D.C., National Intelligence Director James Clapper said investigators believe a “non-state actor” was likely responsible for the DDoS attacks that made it difficult to access some of the world’s most popular websites Friday.
“That appears to be preliminarily the case,” Mr. Clapper said, The Hill reported. “But I wouldn’t want to be conclusively definitive about that, specifically whether a nation state may have been behind that or not.”
“The investigation’s still going on,” he added. “There’s a lot of data going on here.”
Beyond the Beltway, private sector security researchers like those employed by Flashpoint, a business risk intelligence firm that’s analyzed the attacks, hold a similar opinion.
“Despite public speculation, Flashpoint assesses with a moderate degree of confidence that the perpetrators behind this attack are most likely not politically motivated, and most likely not nation-state actors,” its researchers wrote Tuesday.
In fact, Flashpoint said its investigation revealed that the same infrastructure used to disrupt access to websites like Twitter and Netflix was also used to attack a well-known video game company — an indication that the culprits of the crippling DDoS weren’t necessarily waging assault on behalf of a foreign power.
“While there does not appear to have been any disruption of service, the targeting of a video game company is less indicative of hacktivists, state-actors or social justice communities, and aligns more with the hackers that frequent online hacking forums,” Flashpoint’s researchers wrote. “These hackers exist in their own tier, sometimes called ‘script kiddies,’ and are separate and distinct from hacktivists, organized crime, state-actors, and terrorist groups. They can be motivated by financial gain, but just as often will execute attacks such as these to show off, or to cause disruption and chaos for sport.”
“I think they are right,” agreed Mikko Hypponen, chief research officer for security firm F-Secure. “I don’t believe the Friday attackers were financially or politically motivated. It was such an untargeted attack, it’s hard to find a good motive for it. So: kids,” he told TechCrunch.
As authorities attempt to identify the culprits responsible for waging last week’s DDoS attacks, investigators have at least found out how the hackers were able to disrupt internet access North America and Europe. Researchers say the outage occurred after hackers compromised millions of internet-connected household devices like video recorders and digital cameras, then used those products to overload a widely used Domain Name System (DNS) — an online directory that enables web users to navigate from site to site.
The director of the Department of Homeland Security said Monday that DHS has “been working to develop a set of strategic principles for securing the Internet of Things, which we plan to release in the coming weeks.”