Explore the untold story of the international investigation team's race to stop the largest DDoS attacks ever recorded, launched by the Mirai Botnet in late 2016. Delve into the competitive DDoS landscape, the private/public investigative process, and methods for mitigating DDoS attacks on networks. Gain insights into the risks inherent to IoT products and best practices for threat mitigation. Learn about the FBI's involvement, the evolution of the Mirai Botnet, and the series of events leading to record-breaking attacks. Understand the impact of the Mirai source code release and the subsequent investigation. Discover how to apply these lessons to enhance network security and collaborate effectively in the face of emerging DDoS threats.
Overview
Syllabus
Intro
FBI Anchorage
Distributed Denial of Service (DDoS)
DDOS Attack Measurements in 2016
Booter Services
Protraf Solutions (Becomes Mirai Group)
Remaiten Group (PoodleCorp) - Qbot Variant
May 2016
Mirai Botnet
July 2016
August 2016
HostUS Extortion Ticket
Government Investigating Routernets
Virtono Abuse Complaint (C2 @ 77.81.111.243)
rd - Mirai moves C2 location
th - Remaiten group discovers new C2
th - Mirai C2 offline
th - Actions escalate
th - BGP Hijack
th-Law Enforcement move against VDOS
Mirai accelerates...
A Record Breaking Attack
Mirai Source Code Released
Investigation
Investigative Assistance
Accountability
Apply What You Have Learned Today
Questions?
Taught by
RSA Conference
