DDoS update: It was the IoT, screwing Dyn, with the faulty traffic cam

Distributed denial of service (DDoS) attacks are a common problem for network administrators around the world. Websites small and large get targeted by them every day. But this Friday, dozens of major websites were affected by a widespread attack – and this time the Internet of Things is in the spotlight.

Friday’s attack– already referred to as the October 2016 Dyn Cyberattack, showing immediately that we need snappier names for these events — affected many popular websites including Twitter, Amazon, Reddit, Netflix, and more. These websites shared one thing in common: they all used a common domain name system (DNS) provider, Dyn.

From about 0930 ET until just after 1800 ET, Dyn’s servers were attacked in three DDoS waves. We know now that many of the devices participating in the attack were IoT devices such as smart refrigerators, thermostats, and toasters. A group called “New World Hackers has claimed responsibility for the attack.

CSI: Internet breaks it down for us

A DNS provider like Dyn takes human-readable information, such as domain names, and points systems to their associated IP addresses. This makes it easier to find and reference websites you love without having to memorize a set of IP and port numbers. A DNS plays a vital role in the stability of the Internet, and any interruption of this service can and often will create havoc on the websites it works with.

The perpetrator can be a lone individual or an organized group that either bought or gained access to a swarm of compromised computer systems. These systems are compromised when malware or malicious code makes its way onto someone’s desktop, laptop, tablet, or smartphone. That malware embeds itself invisibly onto the system so the owner doesn’t even know they’re affected.

These systems become part of what’s commonly described as a botnet. This botnet is used to carry out attacks on targeted systems by swarming them with so many requests that they are unable to handle them. Usually, this means the server freezes up or the legitimate traffic it receives has a difficult time getting its requests through.

Mirai: A name you’ll hear a lot

Friday’s attack utilized systems infected with the Mirai malware — a widespread malicious software that targets consumer smart home devices. These devices are typically hooked up and forgotten about, receiving rare updates and patches compared to traditional personal computers.

This makes them an especially good target for malicious parties. Mirai spreads itself by scanning the Internet for IPs owned by common connected devices. These devices are often left with factory logins and weak security protocols. The software uses this weakness to upload itself onto the device and take it over.

The owner, never knows or has any way of finding out if their device is infected. It operates exactly as it usually does.

“The really frightening part of this is not that we will be struggling with these new attacks for some time, but that the underlying weakness which makes them successful can and will be used to unleash more serious attacks,” said Chris Sullivan, general manager of intelligence/analytics at internet security firm Core Security.

See also: Hackers use decade old vulnerability to attack the Internet of Things

The next attack, he says, might be the one “that steals credit cards and weapons designs, manipulates processes like the SWIFT global funds transfers, and even destroy physical things like 30,000 PCs at Saudi Aramco.”

So, what’s next? For one, the Internet of Things is going to need increasingly robust security measures at all levels. We live in an age where information security is increasingly important, and if we are going to invite these devices on our private, corporate, and government networks, we need to be able to trust that they are secure enough not to fall prey to these kinds of malicious attacks.

The Internet of Things is a relatively new concept and there are growing pains to be expected. Just as we endured and continue to endure countless security patches and updates on popular operating systems like Windows and OS X on our desktop computers – we should expect these kinds of updates to occur on our smart toasters, as well.

Facebook Comments