3 weeks, 2 days ago

Cyberattack on X Hit Servers Faulted for Lacking Key Protection

-- A cyberattack that brought down Elon Musk’s X targeted servers that were insufficiently protected from malicious traffic, according to cybersecurity analysts. Ciaran Martin, former head of the UK’s National Cyber Security Centre, said in a BBC radio interview on Tuesday that it “looks like X didn’t implement Cloudflare properly,” referring to the company that offers DDoS protection services. Martin also said that X had “left some of its servers in front of rather than behind” Cloudflare’s protection. “If X’s origin servers were exposed or lacked adequate filtering, that would be a fundamental security oversight,” he said. Jason Kikta, a former official with US Cyber Command, said hackers faking the location of web traffic in attacks that overwhelm servers is “trivial and routine.” “The IP addresses a victim sees in a DDoS attack is about as meaningful as describing what kind of ski mask a bank robber was wearing,” said Kikta, now chief information security officer at IT automation firm Automox Inc. “It’s a starting point, but not terribly useful.” Meyer said the attack was linked to a botnet – computers infected by malicious software and under the control of a hacker – that included between 10,000 and 20,000 IP addresses.

Live Mint
Security Attack Martin Meyer Servers Cloudflare Ddos Protection

Discover Related