The group called Anonymous Sudan claimed responsibility for the breach on its Telegram channel, specifically citing Netflix's LGBTQ+ content as the reason. It claimed it brought Netflix down for 30 minutes in some locations and planned another hacking attempt at 1 a.m. Khartoum time (7 p.m. ET).
"Some of our members were unable to use Netflix on web and mobile on 28 Sep between 10:55 PM PT and 11:25 PM PT. Our engineers have since fixed the issue. We're so sorry for the inconvenience," the spokesperson told Newsweek.
According to CheckHost, Netflix suffered outages in some parts of the United States, Turkey, Russia, Poland, the United Kingdom, the United Arab Emirates, Brazil, Hong Kong, Japan and other countries in Europe.
However, the group's actions were not actually hacking but rather a "distributed denial of service" (DDoS) attack, according to Mattias Wahlen of cybersecurity firm TrueSec. He explained that these groups have a network of computers that are used to contact the target website all at once, which "overloads the site and legitimate users can't access it."
In his research for TrueSec, Wahlen argued that the Russian hackers appropriated the original Anonymous Sudan, which was formed in response to the African country's political and economic unrest. The original Anonymous Sudan participated in digital activism, such as hacking and causing outages on government websites.
TrueSec's research highlighted indications that the new Anonymous Sudan was likely not the same group operating in Africa, including different styles of communication. The new group mainly announces its operations on Telegram, a messaging platform popular with Russian hackers. Also, it posts in English and Russian, never in Arabic, and is amplified by Russian hacktivist groups.
TrueSec hypothesized the motive for the group's attacks "could be to internally strengthen the narrative that Russia is not isolated and create the illusion that there are online activists all over the world supporting Russia."
Wahlen said the group was likely a proxy for a Russian government agency, based on "circumstantial evidence," and that the justification of attacking Netflix over LGBTQ+ content was part of a "disinformation campaign" designed to paint the government as the good guys in culture wars against the West.
"What they want is media attention, they don't care if Netflix is down for real or not, they can use the attention to amplify their message," Wahlen said. He added that the best thing a major company could do when they face a DDoS attack is to "be quicker to go out and explain" what happened.
"Companies never like admitting openly that they've suffered any type of cyber attack, but in this case, it is better to say 'it's just a denial of service attack, it won't last forever and we will be back soon.' That's better than saying nothing because it allows the criminals to control the narrative."
Shannon Power is a Greek-Australian reporter, but now calls London home. They have worked across three continents in print, newspapers and broadcast, specializing in entertainment, politics, LGBTQ+ and health reporting. Shannon has covered high-profile celebrity trials along with industry analysis of all the big trends in media, pop culture and the entertainment business generally. Shannon's stories have featured on the cover of Newsweek magazine and have been published in publications such as The Guardian, Monocle, The Independent, SBS, ABC, Metro and The Sun. Languages: English, Greek, Spanish.
As the title suggests, I'd like to understand how to route all traffic destined for *.netflix.com through WAN1. The network setup is pretty simple so far, with all traffic being routed down the VPN by default, so all devices in my network use the VPN out to my provider.
The reason for wanting to route specific calls to that URL is that Netflix detects any VPN or proxy and refuses to work, so separating that application out of the normal VPN routing is the only way to do it.
I think I understand what you are trying to do. For some reason you use a VPN tunnel for all your internet traffic (perhaps from a location abroad to home) but you want to let Netflix traffic "break out" to the Internet locally rather than go with all your other traffic down the tunnel.
I joined Netflix in 2014, a company at the forefront of cloud computing with an attractive work culture. It was the most challenging job among those I interviewed for. On the Netflix Java/Linux/EC2 stack there were no working mixed-mode flame graphs, no production-safe dynamic tracer, and no PMCs: all tools I used extensively for advanced performance analysis. How would I do my job? I realized that this was a challenge I was best suited to fix. I could help not only Netflix but all customers of the cloud.
Since then I've done just that. I developed the original JVM changes to allow mixed-mode flame graphs, I pioneered using eBPF for observability and helped develop the front-ends and tools, and I worked with Amazon to get PMCs enabled and developed tools to use them. Low-level performance analysis is now possible in the cloud, and with it I've helped Netflix save a very large amount of money, mostly from service teams using flame graphs. There is also now a flourishing industry of observability products based on my work.
Apart from developing tools, much of my time has been spent helping teams with performance issues and evaluations. The Netflix stack is more diverse than I was expecting, and is explained in detail in the Netflix tech blog: The production cloud is AWS EC2, Ubuntu Linux, Intel x86, mostly Java with some Node.js (and other languages), microservices, Cassandra (storage), EVCache (caching), Spinnaker (deployment), Titus (containers), Apache Spark (analytics), Atlas (monitoring), FlameCommander (profiling), and at least a dozen more applications and workloads (but no 3rd party agents in the BaseAMI). The Netflix CDN runs FreeBSD and NGINX (not Linux: I published a Netflix-approved footnote in my last book to explain why). This diverse environment has always provided me with interesting things to explore, to understand, analyze, debug, and improve.
I've also used and helped develop many other technologies for debugging, primarily perf, Ftrace, eBPF (bcc and bpftrace), PMCs, MSRs, Intel vTune, and of course, flame graphs and heat maps. Martin Spier and I also created FlameScope while at Netflix, to analyze perturbations and variation in profiles.
I've also had the chance to do other types of work. For 18 months I joined the CORE SRE team rotation, and was the primary contact for Netflix outages. It was difficult and fascinating work. I've also created internal training materials and classes, apart from my books. I've worked with awesome colleagues not just in cloud engineering, but also in open connect, studio, DVD, NTech, talent, immigration, HR, PR/comms, legal, and most recently ANZ content.
Last time I quit a job, I wanted to share publicly the reasons why I left, but I ultimately did not. I've since been asked many times why I resigned that job (not unlike The Prisoner) along with much speculation (none true). I wouldn't want the same thing happening here, and having people wondering if something bad happened at Netflix that caused me to leave: I had a great time and it's a great company!
I'm thankful for the opportunities and support I've had, especially from my former managers Coburn and Ed. I'm also grateful for the support for my work by other companies, technical communities, social communities (Twitter, HackerNews), conference organizers, and all who have liked my work, developed it further, and shared it with others. Thank you. I hope my last two books, Systems Performance 2nd Ed and BPF Performance Tools serve Netflix well in my absence and everyone else who reads them.