January 26, 2014 - TECHNOLOGY - Last year, Leon Panetta, the former Defense Secretary of the United States, issued a wake up call to Americas about the growing threat of cyber war.
Panetta stated that this online infiltration could cripple the U.S. economy with computerized “worms” and “malware” that can infect computer networks via the Internet or insider sabotage. “It is the kind of capability that can basically take down a power grid, take down a water system, take down a transportation system, take down a financial system,” he said. “We are now in a world in which countries are developing the capability to engage in the kind of attacks that can virtually paralyze a country.”
Here are a few of the recent stories about this developing threat to the global order.
A list of 16 million email addresses and passwords has fallen into the hands of botnet operators, the German Federal Office for Information Security (BSI) said Tuesday. It remained unclear though to what these login credentials provide access. They could be logins for mail accounts, Facebook accounts, Amazon accounts or other online services, said BSI Spokesman Tim Griese. About half of the addresses are from the German .de domain, Griese said, adding that there are also French and .com addresses on the list. Law enforcement agencies found the list of email addresses and passwords while analyzing several botnets. Only the list of email addresses was shared with the BSI, Griese said.
Users were invited to check their email address against the list by sending their address to the BSI using a website made specially for this purpose. Email addresses that are on the list will then receive an email with a code from the BSI. The BSI couldn’t simply email all the addresses on the list because under German law it is not allowed to send emails to people who did not ask to receive one, Griese said. An email from the BSI about compromised accounts might also be regarded as spam and deleted immediately, he said. By creating an online tool the BSI circumvents this problem, Griese said, adding that this will hopefully also lead to more awareness of online security.
While the BSI said this was likely a case of large scale identity theft, Griese declined to discuss what the stolen login credentials were or could have been used for while the investigation continues. “We can’t tell more about the background,” Griese said, adding that for the same reason he couldn’t disclose which botnets were involved. Identity theft however is one of the biggest risks when using the Internet, the BSI said in a news release. Criminals steal identities to act on the behalf of Internet users by sending emails in their place, or shop at the expense of others or do harm to them in other ways, the BSI said. Users whose account might have been compromised should check their computer for malware, the BSI Said. Because it is unclear at the moment what the stolen login credentials unlock, compromised users should also change all their passwords, Griese said. - PC World.
It's bad enough that we have to fear identity thieves who are trying to scam us with malicious messages sent from PCs. We now must worry about being targeted by our household appliances, as well. An Internet-security firm has discovered what they are calling a global cyberattack launched from more than 100,000 everyday consumer gadgets such as home-networking routers, televisions and at least one "smart" refrigerator. It's being called possibly the first proven cyberattack to originate from connected appliances -- the so-called "Internet of Things." Proofpoint said the attack occurred between December 23 and January 6, and featured waves of malicious e-mail targeting businesses and individuals worldwide. In a post on the Proofpoint site, the company said the scam involved more than 750,000 e-mails from more than 100,000 appliances that had been commandeered by "thingbots," or robotic programs that can be remotely installed on digital devices.
It was not immediately clear Friday which victims were targeted and whether the scammers were successful in collecting any personal information. "Bot-nets are already a major security concern and the emergence of thingbots may make the situation much worse," said David Knight, general manager of Proofpoint's Information Security division. "Many of these devices are poorly protected at best and consumers have virtually no way to detect or fix infections when they do occur. [We] may find distributed attacks increasing as more and more of these devices come online and attackers find additional ways to exploit them." Recent years have seen an explosion in the number of devices fitted with Internet connectivity, from eyewear to toothbrushes to refrigerators and beyond. Earlier this week, Google paid $3.2 billion to acquire Nest, a company that makes smart home thermostats.
The International Data Corporation (IDC) predicts there will be more than 30 billion connected devices in the world by 2020. Proofpoint's findings suggest that just as personal computers can be unknowingly compromised and used to launch large-scale cyberattacks, so can any smart household appliance. And poorly protected "smart" devices may be easier to infect and control than PCs, laptops or tablets. A sophisticated hack was not needed to compromise the appliances in this attack. Instead, the use of default passwords left the devices completely exposed on public networks, according to Proofpoint. The company also noted that connected appliances typically aren't protected by anti-spam or anti-virus software, nor are they routinely monitored for security breaches. - CNN.
The theft of personal information from more than 100million South Korean credit cards and accounts, reportedly including those of President Park Geun-hye and UN chief Ban Ki-moon, has ignited a storm of anger and litigation against credit firms. Worried Koreans on Tuesday packed into branches of one of the banks hit by the theft to ensure their money was safe, while lawyers said 130 people joined a class action suit against their credit card providers in what is expected to be the first of multiple litigations. ‘Of course I'm angry. Anyone might know when I pay my credit card bills, let alone my phone number and where I live. I might as well keep all my money in my closet,’ said one card user, Lee Young-hye, outside a bank branch.
The biggest breach of personal privacy ever in South Korea has further highlighted the vulnerability of credit card information after tens of millions of U.S. cardholders' details were stolen from retailer Target Corp during the holiday shopping season. South Koreans on average have more than four credit cards, something that has contributed to one of the highest levels of personal debt relative to the size of the economy in the developed world. The data security breach affected around 15million cardholders, according to official estimates, by far the largest in a series of such scams against financial firms in South Korea going back to 2011.
Some previous attacks involved hackers believed to originate from North Korea, but this one seems to have been an inside job. Financial regulators said a contractor with the Korea Credit Bureau, a private firm that manages the credit information of millions of Koreans for financial services providers, simply loaded details of 105.8million accounts held by KB Kookmin Card Co Ltd, Lotte Card Co Ltd and NH Nonghyup Card onto a portable hard drive. The technician was allegedly working on forgery-proofing credit cards when he committed the theft in February, June and December last year, according to regulator Financial Supervisory Service (FSS), citing the prosecutor's office leading the investigation. - Daily Mail.
Google Inc is investigating an outage on Friday night that took down Gmail for about 18 minutes, the internet email service used by hundreds of millions of people across the globe. The trouble started at 12.30am IST on Saturday. Gmail service appeared to resume for some users shortly after the outage occurred.
It was unclear what triggered the outage, which affected users in at least India, Britain and the United States. Yahoo Inc, which runs a rival internet service, posted a screenshot of the Gmail error page on Twitter. "We're investigating reports of an issue with Gmail. We will provide more information shortly," the company said on its "App Status" dashboard online, which tracks the state of various Google services. Users attempting to sign on saw a "temporary error" message and a brief note: "We're sorry, but your Gmail account is temporarily unavailable. We apologize for the inconvenience and suggest trying again in a few minutes." The internet search giant's Google+ social network, as well as its Youtube video service, appeared sluggish as well. Google did not respond to requests for comment. - Times of India.
Unidentified hackers took aim at the federal court system Friday, blocking access to its public website while preventing lawyers and litigants from filing legal documents online. The incident affected uscourts.gov, the federal court’s public hub, as well as most if not all federal court sites — not to mention the federal court system’s electronic filing system and its access page, PACER, a spokesman for the Administrative Office of the U.S. Courts said Friday.
The aide described the incident only as a denial-of-service attack, and that the court system, which manages its own cybersecurity, is still investigating the exact nature of the incident and who’s responsible. Earlier Friday, a federal court clerk from Arkansas indicated in an email obtained by POLITICO that it appeared to be a “new national cyberattack on the judiciary,” but he did not provide any additional information about the type of attack or who might be behind it. The Justice Department, for its part, did not comment for this story. The Department of Homeland Security, which plays a key role monitoring federal networks and disseminating information about cyber threats, could not be reached for comment. - Politico.
The man who appeared before Congress last week to explain the security pitfalls of HealthCare.gov took to Fox News on Sunday to explain just how easy it is to penetrate the website. Hacking expert David Kennedy told Fox’s Chris Wallace that he determined he could gain access to 70,000 personal records of Obamacare enrollees via HealthCare.gov within about 4 minutes — and it required nothing more than a standard browser, the Daily Caller reported.
“And 70,000 was just one of the numbers that I was able to go up to and I stopped after that,” he said. “You know, I’m sure it’s hundreds of thousands, if not more, and it was done within about a 4 minute timeframe. So, it’s just wide open.”“You can literally just open up your browser, go to this, and extract all this information without actually having to hack the website itself,” he said.Mr. Kennedy testified before Congress Thursday that HealthCare.gov was “100 percent” insecure, Washington Free Beacon reported.“What we learned was that they had rushed through what we call the software development life cycle where they actually build the application,” he said on Fox.“So when you do that, security doesn’t really get integrated into it. And what happened with the rocky launch in October is they slapped a bunch of servers in trying to fix the website just to keep it up and running so that people could actually go and use it. The problem is they still didn’t imbed any security into it.”“It’s not just myself that’s saying this website is insecure, it’s also seven other independent security researchers that also looked at the research I’ve done and came to the exact same conclusion,” he said. - Washington Times.
Officials with the Russian Interior Ministry could not be reached for comment early on Wednesday in Moscow. "These attacks appear to have been motivated by the Russian government's interest in helping its industry maintain competitiveness in key areas of national importance," Dmitri Alperovitch, chief technology officer of CrowdStrike, told Reuters on Tuesday evening. While cybersecurity researchers have in the past said that China's government was behind cyber espionage campaigns against various corporations dating back as far as 2005, Alperovitch said this is the first time the Russian government has been linked to cyber intrusions on companies. He said that CrowdStrike has been following the activities of this Russian group, which it dubbed "Energetic Bear," for two years. The firm believes the Russian government is behind the campaign because of technical indicators, as well as analysis of the targets chosen and the data stolen. "We are very confident about this," Alperovitch said.
Victims include European energy companies, defense contractors, technology companies and government agencies, according to the CrowdStrike report. Manufacturing and construction firms in the United States, Europe and Middle East as well as U.S. healthcare providers were also cited as targets. Alperovitch, who is of Russian ethnic origin and now lives in the Washington, D.C., area, is an expert on cyber espionage who rose to prominence while working for McAfee Inc. While there he managed a team of researchers who produced a landmark January 2010 report that described how Chinese hackers had launched an unprecedented series of attacks known as "Operation Aurora" on Google Inc and dozens of other companies. In 2012, he co-founded CrowdStrike, which collects intelligence about the activities of hacking groups around the world and sells software to thwart such attacks. He told Reuters that the data his firm has obtained about Energetic Bear suggests that authorities in Moscow have decided to start using cyber espionage to promote Russia's national economic interests. "They are copying the Chinese play book," he said. "Cyber espionage is very lucrative for economic benefit to a nation." - Huffington Post.
On the same day, China’s state-controlled Xinhua News Agency published a story quoting security experts whodemanded authorities do more to protect the nation’s Internet infrastructure. Others experts, however, believe the error may have been caused by a glitch in China’s notorious censorship systems, also known as “The Great Firewall.” China routinely blocks sites with content critical of the nation’s government, including Facebook, Twitter, and The New York Times. Tuesday’s Internet outage, however, rerouted traffic to an IP address belonging to Dynamic Internet Technology, a U.S. company whose site is also blocked by authorities. DIT could not be reached immediately for comment. But the company’s clients include The Epoch Times, a publication banned in China. It also hosts Freegate software that can help Chinese Internet users view sites blocked in the country.
Some are speculating that hackers hijacked a root DNS (Domain Name System) server in China to reroute all user traffic, said GreatFire.org, a group that monitors China’s Internet and opposes the nation’s censorship. But in a Wednesday posting, GreatFire.org dismissed such claims, noting that a public DNS server operated by Google had also been affected by the networking error. During the outage, users trying to access the Google DNS server from China were also rerouted to the IP address from Dynamic Internet Technology. ”Some are suggesting Dynamic Internet Technology is behind the outage. However, hacking into a root DNS resolver is not enough to cause this outage,” the group said. “They have to hack into GFW (The Great Firewall).” Instead, authorities may have tried to block DIT’s IP address, but accidentally ended up rerouting all the nation’s traffic to the address, the group added. - PC World.
Panetta stated that this online infiltration could cripple the U.S. economy with computerized “worms” and “malware” that can infect computer networks via the Internet or insider sabotage. “It is the kind of capability that can basically take down a power grid, take down a water system, take down a transportation system, take down a financial system,” he said. “We are now in a world in which countries are developing the capability to engage in the kind of attacks that can virtually paralyze a country.”
Here are a few of the recent stories about this developing threat to the global order.
German Government Warns That Over 16 Million Online Accounts Compromised.
A list of 16 million email addresses and passwords has fallen into the hands of botnet operators, the German Federal Office for Information Security (BSI) said Tuesday. It remained unclear though to what these login credentials provide access. They could be logins for mail accounts, Facebook accounts, Amazon accounts or other online services, said BSI Spokesman Tim Griese. About half of the addresses are from the German .de domain, Griese said, adding that there are also French and .com addresses on the list. Law enforcement agencies found the list of email addresses and passwords while analyzing several botnets. Only the list of email addresses was shared with the BSI, Griese said.
Users were invited to check their email address against the list by sending their address to the BSI using a website made specially for this purpose. Email addresses that are on the list will then receive an email with a code from the BSI. The BSI couldn’t simply email all the addresses on the list because under German law it is not allowed to send emails to people who did not ask to receive one, Griese said. An email from the BSI about compromised accounts might also be regarded as spam and deleted immediately, he said. By creating an online tool the BSI circumvents this problem, Griese said, adding that this will hopefully also lead to more awareness of online security.
While the BSI said this was likely a case of large scale identity theft, Griese declined to discuss what the stolen login credentials were or could have been used for while the investigation continues. “We can’t tell more about the background,” Griese said, adding that for the same reason he couldn’t disclose which botnets were involved. Identity theft however is one of the biggest risks when using the Internet, the BSI said in a news release. Criminals steal identities to act on the behalf of Internet users by sending emails in their place, or shop at the expense of others or do harm to them in other ways, the BSI said. Users whose account might have been compromised should check their computer for malware, the BSI Said. Because it is unclear at the moment what the stolen login credentials unlock, compromised users should also change all their passwords, Griese said. - PC World.
Connected TVs, Fridge Help Launch Global Cyber Attack.
![]() |
A smart refrigerator on display at the International Consumer Electronics Show (CES) last week in Las Vegas |
It's bad enough that we have to fear identity thieves who are trying to scam us with malicious messages sent from PCs. We now must worry about being targeted by our household appliances, as well. An Internet-security firm has discovered what they are calling a global cyberattack launched from more than 100,000 everyday consumer gadgets such as home-networking routers, televisions and at least one "smart" refrigerator. It's being called possibly the first proven cyberattack to originate from connected appliances -- the so-called "Internet of Things." Proofpoint said the attack occurred between December 23 and January 6, and featured waves of malicious e-mail targeting businesses and individuals worldwide. In a post on the Proofpoint site, the company said the scam involved more than 750,000 e-mails from more than 100,000 appliances that had been commandeered by "thingbots," or robotic programs that can be remotely installed on digital devices.
It was not immediately clear Friday which victims were targeted and whether the scammers were successful in collecting any personal information. "Bot-nets are already a major security concern and the emergence of thingbots may make the situation much worse," said David Knight, general manager of Proofpoint's Information Security division. "Many of these devices are poorly protected at best and consumers have virtually no way to detect or fix infections when they do occur. [We] may find distributed attacks increasing as more and more of these devices come online and attackers find additional ways to exploit them." Recent years have seen an explosion in the number of devices fitted with Internet connectivity, from eyewear to toothbrushes to refrigerators and beyond. Earlier this week, Google paid $3.2 billion to acquire Nest, a company that makes smart home thermostats.
The International Data Corporation (IDC) predicts there will be more than 30 billion connected devices in the world by 2020. Proofpoint's findings suggest that just as personal computers can be unknowingly compromised and used to launch large-scale cyberattacks, so can any smart household appliance. And poorly protected "smart" devices may be easier to infect and control than PCs, laptops or tablets. A sophisticated hack was not needed to compromise the appliances in this attack. Instead, the use of default passwords left the devices completely exposed on public networks, according to Proofpoint. The company also noted that connected appliances typically aren't protected by anti-spam or anti-virus software, nor are they routinely monitored for security breaches. - CNN.
Nearly Half Of South Koreans Have Their Bank Details Stolen (Including The President).
The theft of personal information from more than 100million South Korean credit cards and accounts, reportedly including those of President Park Geun-hye and UN chief Ban Ki-moon, has ignited a storm of anger and litigation against credit firms. Worried Koreans on Tuesday packed into branches of one of the banks hit by the theft to ensure their money was safe, while lawyers said 130 people joined a class action suit against their credit card providers in what is expected to be the first of multiple litigations. ‘Of course I'm angry. Anyone might know when I pay my credit card bills, let alone my phone number and where I live. I might as well keep all my money in my closet,’ said one card user, Lee Young-hye, outside a bank branch.
The biggest breach of personal privacy ever in South Korea has further highlighted the vulnerability of credit card information after tens of millions of U.S. cardholders' details were stolen from retailer Target Corp during the holiday shopping season. South Koreans on average have more than four credit cards, something that has contributed to one of the highest levels of personal debt relative to the size of the economy in the developed world. The data security breach affected around 15million cardholders, according to official estimates, by far the largest in a series of such scams against financial firms in South Korea going back to 2011.
Some previous attacks involved hackers believed to originate from North Korea, but this one seems to have been an inside job. Financial regulators said a contractor with the Korea Credit Bureau, a private firm that manages the credit information of millions of Koreans for financial services providers, simply loaded details of 105.8million accounts held by KB Kookmin Card Co Ltd, Lotte Card Co Ltd and NH Nonghyup Card onto a portable hard drive. The technician was allegedly working on forgery-proofing credit cards when he committed the theft in February, June and December last year, according to regulator Financial Supervisory Service (FSS), citing the prosecutor's office leading the investigation. - Daily Mail.
GMail and Google+ Go Down Across The World.
![]() |
Yahoo Inc, which runs a rival internet service, posted a screenshot of the Gmail error page on Twitter. |
Google Inc is investigating an outage on Friday night that took down Gmail for about 18 minutes, the internet email service used by hundreds of millions of people across the globe. The trouble started at 12.30am IST on Saturday. Gmail service appeared to resume for some users shortly after the outage occurred.
It was unclear what triggered the outage, which affected users in at least India, Britain and the United States. Yahoo Inc, which runs a rival internet service, posted a screenshot of the Gmail error page on Twitter. "We're investigating reports of an issue with Gmail. We will provide more information shortly," the company said on its "App Status" dashboard online, which tracks the state of various Google services. Users attempting to sign on saw a "temporary error" message and a brief note: "We're sorry, but your Gmail account is temporarily unavailable. We apologize for the inconvenience and suggest trying again in a few minutes." The internet search giant's Google+ social network, as well as its Youtube video service, appeared sluggish as well. Google did not respond to requests for comment. - Times of India.
U.S. Federal Court System Hit With Cyber Attack.
![]() |
The incident affected uscourts.gov and most federal court sites. | AP Photo |
Unidentified hackers took aim at the federal court system Friday, blocking access to its public website while preventing lawyers and litigants from filing legal documents online. The incident affected uscourts.gov, the federal court’s public hub, as well as most if not all federal court sites — not to mention the federal court system’s electronic filing system and its access page, PACER, a spokesman for the Administrative Office of the U.S. Courts said Friday.
The aide described the incident only as a denial-of-service attack, and that the court system, which manages its own cybersecurity, is still investigating the exact nature of the incident and who’s responsible. Earlier Friday, a federal court clerk from Arkansas indicated in an email obtained by POLITICO that it appeared to be a “new national cyberattack on the judiciary,” but he did not provide any additional information about the type of attack or who might be behind it. The Justice Department, for its part, did not comment for this story. The Department of Homeland Security, which plays a key role monitoring federal networks and disseminating information about cyber threats, could not be reached for comment. - Politico.
Hacking Expert Says He Cracked ObamaCare Website In Just 4 Minutes.
![]() |
FILE - This Nov. 29, 2013 file photo shows part of the HealthCare.gov website in Washington, on Nov. 29, 2013. Photo by: Jon Elswick |
“And 70,000 was just one of the numbers that I was able to go up to and I stopped after that,” he said. “You know, I’m sure it’s hundreds of thousands, if not more, and it was done within about a 4 minute timeframe. So, it’s just wide open.”“You can literally just open up your browser, go to this, and extract all this information without actually having to hack the website itself,” he said.Mr. Kennedy testified before Congress Thursday that HealthCare.gov was “100 percent” insecure, Washington Free Beacon reported.“What we learned was that they had rushed through what we call the software development life cycle where they actually build the application,” he said on Fox.“So when you do that, security doesn’t really get integrated into it. And what happened with the rocky launch in October is they slapped a bunch of servers in trying to fix the website just to keep it up and running so that people could actually go and use it. The problem is they still didn’t imbed any security into it.”“It’s not just myself that’s saying this website is insecure, it’s also seven other independent security researchers that also looked at the research I’ve done and came to the exact same conclusion,” he said. - Washington Times.
Russia Accused Of Hacking Hundreds Of Western, Asian Companies.
A U.S. cybersecurity firm says it has gathered evidence that the Russian government spied on hundreds of American, European and Asian companies, the first time Moscow has been linked to cyber attacks for alleged economic - rather than political - gains. According to the firm, CrowdStrike, the victims of the previously unreported cyber espionage campaign include energy and technology firms, some of which have lost valuable intellectual property. CrowdStrike declined to go into detail about those losses or to name any victims, citing confidentiality agreements related to its investigation. Officials with the Russian Interior Ministry could not be reached for comment early on Wednesday in Moscow. "These attacks appear to have been motivated by the Russian government's interest in helping its industry maintain competitiveness in key areas of national importance," Dmitri Alperovitch, chief technology officer of CrowdStrike, told Reuters on Tuesday evening. While cybersecurity researchers have in the past said that China's government was behind cyber espionage campaigns against various corporations dating back as far as 2005, Alperovitch said this is the first time the Russian government has been linked to cyber intrusions on companies. He said that CrowdStrike has been following the activities of this Russian group, which it dubbed "Energetic Bear," for two years. The firm believes the Russian government is behind the campaign because of technical indicators, as well as analysis of the targets chosen and the data stolen. "We are very confident about this," Alperovitch said.
Victims include European energy companies, defense contractors, technology companies and government agencies, according to the CrowdStrike report. Manufacturing and construction firms in the United States, Europe and Middle East as well as U.S. healthcare providers were also cited as targets. Alperovitch, who is of Russian ethnic origin and now lives in the Washington, D.C., area, is an expert on cyber espionage who rose to prominence while working for McAfee Inc. While there he managed a team of researchers who produced a landmark January 2010 report that described how Chinese hackers had launched an unprecedented series of attacks known as "Operation Aurora" on Google Inc and dozens of other companies. In 2012, he co-founded CrowdStrike, which collects intelligence about the activities of hacking groups around the world and sells software to thwart such attacks. He told Reuters that the data his firm has obtained about Energetic Bear suggests that authorities in Moscow have decided to start using cyber espionage to promote Russia's national economic interests. "They are copying the Chinese play book," he said. "Cyber espionage is very lucrative for economic benefit to a nation." - Huffington Post.
China Blames Massive Internet Outage On Hacking Attack.
Tuesday’s Internet outage in China is dividing experts over what caused the networking error, with authorities calling it a hacking attack, and others blaming it on the country’s censorship systems. The outage briefly crippled the Internet in China, with many local websites inaccessible to users. User traffic was mysteriously redirected to a U.S.-based IP address belonging to a company that has hosted software capable of circumventing China’s online censorship. The networking error, which only lasted a few hours, affected at least two-thirds of China’s websites, according to Qihoo 360, a software security vendor in the country. On Wednesday, local authorities said a preliminary investigation found that a hacking attack caused the outage. China’s National Computer Network Emergency Response Technical Team is continuing to investigate the matter. On the same day, China’s state-controlled Xinhua News Agency published a story quoting security experts whodemanded authorities do more to protect the nation’s Internet infrastructure. Others experts, however, believe the error may have been caused by a glitch in China’s notorious censorship systems, also known as “The Great Firewall.” China routinely blocks sites with content critical of the nation’s government, including Facebook, Twitter, and The New York Times. Tuesday’s Internet outage, however, rerouted traffic to an IP address belonging to Dynamic Internet Technology, a U.S. company whose site is also blocked by authorities. DIT could not be reached immediately for comment. But the company’s clients include The Epoch Times, a publication banned in China. It also hosts Freegate software that can help Chinese Internet users view sites blocked in the country.
Some are speculating that hackers hijacked a root DNS (Domain Name System) server in China to reroute all user traffic, said GreatFire.org, a group that monitors China’s Internet and opposes the nation’s censorship. But in a Wednesday posting, GreatFire.org dismissed such claims, noting that a public DNS server operated by Google had also been affected by the networking error. During the outage, users trying to access the Google DNS server from China were also rerouted to the IP address from Dynamic Internet Technology. ”Some are suggesting Dynamic Internet Technology is behind the outage. However, hacking into a root DNS resolver is not enough to cause this outage,” the group said. “They have to hack into GFW (The Great Firewall).” Instead, authorities may have tried to block DIT’s IP address, but accidentally ended up rerouting all the nation’s traffic to the address, the group added. - PC World.