<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">On Oct 27, 2016, at 11:17 AM, Peter Tiggerdine <<a href="mailto:ptiggerdine@gmail.com" class="">ptiggerdine@gmail.com</a>> wrote:<br class=""><div><blockquote type="cite" class=""><br class="Apple-interchange-newline"><div class=""><div dir="ltr" class="">Is there any evidence to suggest that IoT devices played a part on this DDoS? </div></div></blockquote><div><br class=""></div><div><a href="http://arstechnica.com/security/2016/09/botnet-of-145k-cameras-reportedly-deliver-internets-biggest-ddos-ever/" class="">http://arstechnica.com/security/2016/09/botnet-of-145k-cameras-reportedly-deliver-internets-biggest-ddos-ever/</a></div><div><br class=""></div><div><a href="http://www.pcworld.com/article/3134039/hacking/chinese-firm-admits-its-hacked-products-were-behind-fridays-massive-ddos-attack.html" class="">http://www.pcworld.com/article/3134039/hacking/chinese-firm-admits-its-hacked-products-were-behind-fridays-massive-ddos-attack.html</a></div><div><br class=""></div><br class=""><blockquote type="cite" class=""><div class=""><div dir="ltr" class="">My understanding is we're still dealing with the same problem as ever; unpatched/secured desktops/routers/switches which when you consider how accessible large amounts of bandwidth is explain the increase in DDoS size.</div></div></blockquote><div><br class=""></div>No, we’re dealing with hundreds of thousands of tiny systems sending a handful of pps each, using reference firmware sourced from a single supplier (in this case: Hangzhou Xiongmai Technology), installed in devices which don’t provide firmware upgrade methods, owned by users who have no idea they’re even running software.</div><div><br class=""></div><div>  - mark</div><div><br class=""></div><div><br class=""></div></body></html>