Cellular networks down/under attack across the nation



LittleLebowski
06-15-2020, 06:00 PM
https://www.digitalattackmap.com/#anim=1&color=0&country=ALL&list=0&time=17972&view=map

wvincent
06-15-2020, 06:50 PM
Prelude to the arrival of our Alien Overlords?

Seriously though, is this in concert with all of the civil unrest?
If so, just keeps pushing the narrative that all this is from State actors.

SeriousStudent
06-15-2020, 08:04 PM
That was why I finally got some work done today......

#LebowskiIsBuzzkill (https://pistol-forum.com/usertag.php?do=list&action=hash&hash=LebowskiIsBuzzkill)

GyroF-16
06-15-2020, 08:42 PM
https://www.digitalattackmap.com/#anim=1&color=0&country=ALL&list=0&time=17972&view=map

I seriously have no idea what I’m looking at there.

Norville
06-15-2020, 08:54 PM
My (cellular) internet is so slow lately I’m not sure that loaded correctly.

Or else I just have no idea what it’s telling me.

SeriousStudent
06-15-2020, 09:12 PM
Basically, it is what is called a Distributed Denial of Service attack against the major cell providers. It started this afternoon.

Grey
06-15-2020, 09:36 PM
LittleLebowski the link you have shows March 17 of 2019...

Folks either need to drag the slider below the map to the current date or click the banner again to load the latest data (today); it should show a massive number of connections headed to the US.

Totem Polar
06-15-2020, 11:54 PM
This was the cause of much clusterfuckery in meeting with my dad after a medical appointment today. My city was down for most of the day—the Mrs and I got dozens of texts a couple of hours ago that finally came in all scrambled in order. It was odd enough that I had already figured that someone had shut it down. I was thinking test by the feds at some level. But I am a tech ignoramus.

At any rate, most def a thing here today.

Norville
06-16-2020, 07:31 AM
Not everyone is convinced:

https://www.forbes.com/sites/daveywinder/2020/06/16/no-the-us-has-not-suffered-the-biggest-cyber-attack-in-history-heres-what-actually-happened-tmobile-anonymous-twitter-rumor/#6159d9933c59

Guinnessman
06-16-2020, 07:35 AM
So much for those Zoom meetings...........time to get back to the office you slackers! :p

mtnbkr
06-16-2020, 08:29 AM
Not everyone is convinced:

https://www.forbes.com/sites/daveywinder/2020/06/16/no-the-us-has-not-suffered-the-biggest-cyber-attack-in-history-heres-what-actually-happened-tmobile-anonymous-twitter-rumor/#6159d9933c59

I thought the "report" of an attack felt off too. I didn't personally experience any issues (nor did my kids who are on a different mobile provider), and things were quiet at work. While I'm not in operations anymore, I still will hear about major issues via the grapevine. It has been quiet.

Chris

JohnO
06-16-2020, 09:16 AM
Can't be that bad because I still got my daily robo-calls from 2020 Healthcare and Extended Car Warranty.

Half Moon
06-16-2020, 03:26 PM
Call me a nut job but more likely squirrels or feral network engineers than a cyber-attack. Stats from https://cybersquirrel1.com/ :

TOTAL SUCCESSFUL CYBER WAR OPS AS OF 2019.01.21 - 2524

Agent - Success
Squirrel - 1252
Bird - 639
Snake - 117
Raccoon - 115
Rat - 53
Cat - 28
Marten - 25
Jellyfish - 13
Monkey - 12
Human - 3*

Half Moon
06-16-2020, 03:34 PM
And an interesting report on feral engineers crashing the country:

https://docs.fcc.gov/public/attachments/DOC-359134A1.pdf


CenturyLink experienced a nationwide outage on its fiber network that lasted for almost 37 hours. This outage was caused by an equipment failure catastrophically exacerbated by a network configuration error. It affected communications service providers, business customers, and consumers who directly or indirectly relied upon CenturyLink’s transport services, which route communications traffic from various providers to locations across the country, resulting in extensive disruptions to phone service, including 911 calling.


In the early morning of December 27, 2018, a switching module in CenturyLink’s Denver, Colorado node spontaneously generated four malformed management packets…

randyho
06-16-2020, 03:42 PM
Saw a report 2-3 weeks ago. Company had everything in place to respond to a ddos attack. Ahead of the curve.

Small ddos attack that their ddos appliance recognized and responded to... by blocking access to their web site.

"Wanna ddos me? Hold my F'ing beer!" Or, "Threat neutralized. Hostage shot."

I believe Forbes.

Chance
06-16-2020, 07:06 PM
From Dallas Morning News (https://www.dallasnews.com/business/technology/2020/06/16/fcc-vows-to-investigate-t-mobiles-unacceptable-hours-long-outage/):


The head of the U.S. communications regulator said T-Mobile’s nationwide, hours-long outage Monday was “unacceptable” and that the Federal Communications Commission will investigate.

T-Mobile, one of the country’s three largest cellphone service providers, said it had a “voice and text wireless issue“ that began around 11 a.m. CT Monday. The company said around 1 a.m. Tuesday that all problems should be resolved.

The company blamed an internet-traffic issue that caused problems with its network for the outage.

AT&T and Verizon both said their networks were operating normally. But calls between their customers and T-Mobile customers could have run into trouble because of T-Mobile’s issues, creating the impression of a widespread communications failure.

Chance
07-23-2020, 02:27 PM
So who picked "It's a dude stealing routers"? From Dallas Morning News (https://www.dallasnews.com/business/technology/2020/07/22/did-your-sprint-service-go-out-recently-this-guy-may-be-to-blame/):


First one cell tower was knocked offline, then another. And another.

Within days starting in June, dozens of cell towers across Texas were out of service, leaving some Sprint customers without internet or cellphone coverage, the FBI said. A particular piece of equipment was stolen each time — a commercial router — and the thief did it without damaging the security perimeter fencing, according to the FBI.

Surveillance cameras led police to a Toyota pickup. When they stopped Van Su Tran in Fort Worth, officers found 16 stolen routers in his truck, including one that had just been taken nearby, according to federal court records.

TAZ
07-23-2020, 10:34 PM
So was he on the way to maybe the Montrose area of Houston???

Stealing routers at the tower level??? That’s a whole new level of clearing your browser cache.

Aside from resale, what kind of data could be extracted from these routers I wonder.

Spartan1980
07-23-2020, 11:25 PM
So was he on the way to maybe the Montrose area of Houston???

Stealing routers at the tower level??? That’s a whole new level of clearing your browser cache.

Aside from resale, what kind of data could be extracted from these routers I wonder.

Exactly along the lines of what I was thinking. Would be right in their lane to do something along these lines. I only wonder if there was info on the routers and whether they would extract it here or take it home when they get booted.

hufnagel
07-24-2020, 09:04 AM
If it was 1 or 2 units, I could see maybe trying to get config/key/password data out of them, for future attacks. But 16? That sounds more like black market wholesale.
As for "user" data... that'd for the most part be stored in volatile RAM, and once you killed power it'd be gone.

Chance
07-24-2020, 08:30 PM
I don't know much about how a router would be configured in this particular use case, but I'm really straining to think of how this could be useful for espionage.

Most encryption takes place at the transport and application layers, and since this equipment is presumably carrying primarily mobile traffic, that seems an unlikely medium to be exchanging worthwhile secrets. Stealing crypto keys doesn't make any sense unless you've intercepted and stored all the traffic going between those routers, and if you can do that without being noticed, sending one dude to get 16 of them one-after-the-other is a pretty dramatic dip in sophistication. And - as has already been mentioned - unless the nonvolatile storage isn't encrypted, you'd have to get the keys in situ, which would negate the point of stealing the entire physical thing.

Sounds like a whackjob trying to halt the spread of coronavirus by taking out 5G or something.

TheRoland
07-24-2020, 08:44 PM
I don't know much about how a router would be configured in this particular use case, but I'm really straining to think of how this could be useful for espionage.

Most encryption takes place at the transport and application layers, and since this equipment is presumably carrying primarily mobile traffic, that seems an unlikely medium to be exchanging worthwhile secrets. Stealing crypto keys doesn't make any sense unless you've intercepted and stored all the traffic going between those routers, and if you can do that without being noticed, sending one dude to get 16 of them one-after-the-other is a pretty dramatic dip in sophistication. And - as has already been mentioned - unless the nonvolatile storage isn't encrypted, you'd have to get the keys in situ, which would negate the point of stealing the entire physical thing.

Sounds like a whackjob trying to halt the spread of coronavirus by taking out 5G or something.

I think an expert could get a lot of intelligence on internal network topology from dumping the config off of ISP's routers.

But you would not need 16 of them. All the routers from a cell site are going to be more or less the same.

I think wackjob is a good bet, and the complaint is unsealed if anyone wants to go read it. I didn't want to pay the PACER fee.

SeriousStudent
07-24-2020, 09:26 PM
If it was 1 or 2 units, I could see maybe trying to get config/key/password data out of them, for future attacks. But 16? That sounds more like black market wholesale.
As for "user" data... that'd for the most part be stored in volatile RAM, and once you killed power it'd be gone.

Yup, you lose the run config on Cisco gear when the electrons go bye bye.

I think the dude was just trying to steal shit and resell.

OlongJohnson
07-24-2020, 11:13 PM
But 16? That sounds more like black market wholesale.

Aren’t the cartels setting up their own cell networks? I imagine it’s not a simple matter of placing a PO with a straight distributor to buy these things.

Caballoflaco
07-24-2020, 11:25 PM
Aren’t the cartels setting up their own cell networks? I imagine it’s not a simple matter of placing a PO with a straight distributor to buy these things.

With cartel money I’m pretty sure they could simply place an order to a factory in China face to face using one of the guys they have there already making deals with factories that supply all the precursor chemicals they use for cooking meth and processing other drugs.

hufnagel
07-25-2020, 08:49 AM
Maybe. Maybe it's cheaper and quicker to just steal them?
Just because you have a literal box truck of money, doesn't mean you need to spend like you have a literal box truck of money.