- Hours after the US airstrike on Iranian territory, Iranian-backed hackers took down US President Donald Trump’s social media platform.
- Users were struggling to access Truth Social in the early morning following the alleged hack.
- As the US continues to insert itself into the ongoing Iran-Israel conflict, the US government believes more cyberattacks could happen.
DDoS is not hacking
The word “hack” is pre-internet. A “hack” journalist or a “hack job” is basically something unprofessional. It is movies that turned “hackers” into someone that gained access to the “mainframe”. In the realm of computer systems, I would argue that a “hack” is doing anything the system was not intended/designed to do. A successful DoS or DDoS needs to find some component of the system that wasn’t designed to handle the amount of traffic about to be sent to it.
There are protections for DDoS (iptables, fail2ban, Cloudflare and so on), you have to figure out a way around them, that’s a hack.
The current tech-related usage was coined at MIT to mean working on a system. Funny that the oldest recorded source comes from MIT model railroad team.
Hacking isn’t hacking it’s usually cracking
Can be a component of it.
Mailing someone more letters than they’re capable of replying to is not equivalent to, nor a component of, gaining access to the inside of their home.
Disabling network security and edge devices to change the properties of ingress can absolutely be a component of an attack plan.
Just like overwhelming a postal sorting center could prevent a parcel containing updated documentation from reaching the receiver needing that information.
I haven’t heard of a firewall failing open when overwhelmed yet. Usually quite the opposite, a flood disables access to more than just the targeted device, when the state table overflows.
But maybe there is a different mechanism I’m not aware of. How would the DDoS change the properties of ingress?
By denying access to resources in a primary region, one might force traffic to an alternate infrastructure with a different configuration. Or maybe by overwhelming hosts that distribute BGP configurations. By denying access to resources, sometimes you can be routed to resources with different security postures or different monitoring and alerting, thus not raising alarms. But these are just contrived examples.
Compromising devices is a wide field with many different tools and ideas, some of which are a bit off the wall and nearly all unexpected, necessarily.
I mean, I know JK Rowling sucks, and it’s been a long time since the first Harry Potter movie came out, but it was definitely a component and precursor to Hagrid beating the shit out of that door.
To be fair, they had moved to an unsecure location that was a much softer target by that point. Can a DDOS force someone to move their services over to the equivalent of a century old, weather-beaten lighthouse in the middle of England?