User topics

Article topics

Log in Sign up

CIA, PayPal under bizarre SSL assault

The Central Intelligence Agency, PayPal, and hundreds of other organizations are under an unexplained assault that's bombarding their websites with millions of compute-intensive requests. The "massive" flood of requests is made over the websites' SSL, or secure-sockets layer, port, causing them to consume more resources than …

COMMENTS

House rules Send corrections

This topic is closed for new posts.

Saturday 30th January 2010 20:57 GMT Winkypop

They do it..

...because they can?

Sometimes there is no 'why'

0 0
Saturday 30th January 2010 20:57 GMT Anonymous Coward

If I were to guess

I'd say they're probing for something on the remote boxes, but it doesn't sound like an attack to me, it's probably a prelude to one though.

They could be sitting on some crypto exploit code and want to know who's vulnerable before they make their pay run.

Maybe DDOS the strong encryption servers so that fraudulent requests are handled by systems with the weak encryption that they have an exploit for?

Sorry, I'll put down the William Gibson book now ;)

0 0
Saturday 30th January 2010 22:48 GMT Disco-Legend-Zeke

A Bit of Garbage...

...perhaps they are poking around looking for holes in the webservers.

I have been experiencing slow logins to a couple of the sites on the list, and thought it might be a DDOS attack of some sort.

Beer slows down my responses also.

0 0
1. Sunday 31st January 2010 06:02 GMT Disco-Legend-Zeke
  
  If known responses are encrypted...
  
  I can assemble your private key... Just Saying.
  
  This is much too sophisticated to be sophomoric. Not to mention the high value servers being targeted.
  
  0 0
Sunday 31st January 2010 15:29 GMT Al 4

Smoke screen

Maybe its a smoke screen for the actual attack where this one can trigger a weakness than can allow the launcher access. Perhaps something to do with DOS prevention functionality.

0 0
Sunday 31st January 2010 15:29 GMT Pete 8

maybe

it is one of their own gone loopy after performing a self-psy-op.

0 0
Monday 1st February 2010 01:22 GMT 3G

my thoughts..

is that they hoped the attack would be more successful, I guess you don't know before hand how successful attacks will be, how many machines will remain in the botnet, the amount of requests that cause issues for the site.

Maybe they just figured that the SSL negotiation over and over would cause a DDOS if there was enough requests?

It seems strange to go for such high profile sites with an attack that hasn't proved successful or been tested elsewhere first, that is what is odd about this.

0 0
Monday 1st February 2010 01:22 GMT John Sanders

The Chinese...

Now know how to get your private key...

0 0
Monday 1st February 2010 10:08 GMT gimbal

I think....

...someone had too many Cheetohs and feel asleep on the "Go, Bots" button. I'm just sayin'....

0 0
Monday 1st February 2010 10:21 GMT Andy Christ

D'oh!

So THAT explains why I've been having so much trouble accessing the CIA's website recently!

0 0
Monday 1st February 2010 11:00 GMT Lionel Baden

why !?

drive them broke by making the servers use more power and more airconditioning !!!!

0 0
Monday 1st February 2010 13:06 GMT regadpellagru

Evil

"Shadowserver has identified 315 websites that are the recipients of the SSL assault. In addition to cia.gov and paypal.com, other sites include yahoo.com, americanexpress.com, and sans.org."

Let me see: CIA, Paypal, yahoo (with their infernal webmail system).

They're targeting the most evil web sites of da Internet, maybe ?

0 0
Monday 1st February 2010 14:49 GMT Alan Brown

Smokescreen(2)

Keep everyone busy chasing this while the real attack is quietly happening somewhere completely different.

Didn't anyone watch Die Hard?

0 0

This topic is closed for new posts.

The Register Biting the hand that feeds IT

About Us

Our Websites

Your Privacy

Situation Publishing

Copyright. All rights reserved © 1998–2025