An illustration featuring boxing gloves in a ring, symbolizing a confrontation. A Fortinet logo is in the top right corner, and a rolled newspaper labeled "Aargauer Zeitung" is in the top left. A toothbrush is positioned in front of the gloves, hinting at the importance of hygiene even in tough battles like securing a VPN.

The toothbrush DDoS disaster, round three!

Round 3 in the toothbrush DDoS debacle!

the so far story.

First round

An article in the newspaper Aargauer Zeitung claimed that three million IoT-connected toothbrushes had attacked a Swiss company, causing its website to be unavailable for four hours.

Assuming the story was true, hundreds of other news sources retold it. It was n’t true, though.

What source did the story come from for Aargauer Zeitung? They did, however, cite a Fortinet security researcher.

Round 2

Fortinet erupted into action and issued a statement attributing the incident’s translation problem after members of the cybersecurity industry ( including yours truly ) mocked or outright debunked it as” total bollocks.”

Round 3

Where are we now, then?

Ding ding, then! Aargauer Zeitung has emerged from its corner fighting in Round3.

The newspaper asserts in a recent statement posted on its website that Fortinet had presented the toothbrush DDoS attack as actual ( rather than hypothetical ) and that the company had also provided specific information about what had happened.

German newspaper cutting

German newspaper cutting

For those of us who do n’t understand German, the newspaper’s words are as follows:

Swiss Fortinet representatives have referred to the toothbrush case as a real DDoS attack at an appointment that dealt with current threat situations, which differs greatly from how the company’s California headquarters currently refer to it as” a translation problem.”

Fortinet provided specific information, including information on the extent of the damage and how long the attack paralyzed a Swiss company’s website. Fortinet did not want to identify the company out of respect for their client.

Before publication, Fortinet was given the text to review. It was n’t obsessed that it was a real case that actually occurred.

With its statement, which was distributed to numerous international media, Fortinet’s global management has now responded. It has n’t been sent to CH Media by the company. Fortinet has not yet provided us with another statement.

Ouch.

Is that a knockout punch, or will Fortinet return for Round 4?

Subscribe to our newsletter for free.
News, suggestions, and security advice.

Skip to content