http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141008-asa I'm no expert, but the last bit sounds like "yah - we left the door unlocked, and a bunch of holes in the door... but we swear the burglar isn't a burglar - it's just some one who accidentally stumbled in through the door..." Successful exploitation of the Cisco ASA VPN Failover Command Injection Vulnerability, Cisco ASA VNMC Command Input Validation Vulnerability, and Cisco ASA Local Path Inclusion Vulnerability may result in full compromise of the affected system. Successful exploitation of the Cisco ASA Clientless SSL VPN Information Disclosure and Denial of Service Vulnerability may result in the disclosure of internal information or, in some cases, a reload of the affected system. Successful exploitation of the Cisco ASA Clientless SSL VPN Portal Customization Integrity Vulnerability may result in a compromise of the Clientless SSL VPN portal, which may lead to several types of attacks, which are not limited to cross-site scripting (XSS), stealing of credentials, or redirects of users to malicious web pages. Successful exploitation of the Cisco ASA Smart Call Home Digital Certificate Validation Vulnerability may result in a digital certificate validation bypass, which could allow the attacker to bypass digital certificate authentication and gain access inside the network via remote access VPN or management access to the affected system via the Cisco Adaptive Security Device Management (ASDM).
2015-July-08 UPDATE: Cisco PSIRT is aware of disruption to some Cisco customers with Cisco ASA devices affected by CVE-2014-3383, the Cisco ASA VPN Denial of Service Vulnerability that was disclosed in this Security Advisory. Traffic causing the disruption was isolated to a specific source IPv4 address. Cisco has engaged the provider and owner of that device and determined that the traffic was sent with no malicious intent. Cisco strongly recommends that customers upgrade to a fixed Cisco ASA software release to remediate this issue. Successful exploitation of the Cisco ASA SQL*NET Inspection Engine Denial of Service Vulnerability, Cisco ASA VPN Denial of Service Vulnerability, Cisco ASA IKEv2 Denial of Service Vulnerability, Cisco ASA Health and Performance Monitor Denial of Service Vulnerability, Cisco ASA GPRS Tunneling Protocol Inspection Engine Denial of Service Vulnerability, Cisco ASA SunRPC Inspection Engine Denial of Service Vulnerability, and Cisco ASA DNS Inspection Engine Denial of Service Vulnerability may result in a reload of an affected device, leading to a denial of service (DoS) condition.
United Airlines and Wall Street Journal also went down today. The Chinese market is also in chaos today. Markets around the world are down due to the ongoing economic crisis in Greece after they voted no to Europe's bail-out offer. And (last week) US stocks also had the worst week thus far this year.
And yet, incredibly, all of these seem to be unrelated.
That certainly seems to be the official line, although it doesn't seem impossible that it could be an attack either; plenty of high profile attacks have occurred recently. China is under pressure, and events in Greece weakening American and European markets would make this an opportune time to strike. It would take more investigative journalism to provide evidence of what really happened, though. I don't trust the NYT to deliver much more than PR releases of the affected corporations and governments. I've seen some people linking this norsecorp.com map when speculating, which seems like something made in part or whole by the USG.
It might be fear of something I don't understand; but I'm just not a fan of having our world economy depend on an automated system of high-frequency transactions. It's great that they managed to shut this down on time, but a more difficult to identify "bug" could have horrible consequences.