‘Internet of Things (IoT)’ attacks Internet.
If you were trying to connect to website services such as Amazon, Twitter, Netflix and Spotify last Friday (21st October 2016) you may have had an inkling that something was not quite right. This is because a large portion of the Internet was impacted by a Distributed Denial of Service (DDoS) attack on a company called Dyn which provides amongst other things, domain name system (DNS) services which translates domains names into IP addresses.
What We Know
In a statement made on Saturday, Kyle York Chief Strategy Officer at Dyn revealed:
“At this point we know this was a sophisticated, highly distributed attack involving 10s of millions of IP addresses. The nature and source of the attack is under investigation, but it was a sophisticated attack across multiple attack vectors and internet locations. We can confirm, with the help of analysis from Flashpoint and Akamai, that one source of the traffic for the attacks were devices infected by the Mirai botnet.”
Investigations are ongoing, but the services now appear to be back to normal.
Haven’t we just seen something like this?
Yes we have. Just last month in our Is your smarthome committing a cybercrime? article, I talked about how the record for a DDoS attack was broken twice in the space of a week, both of which used Internet of Things devices as part of the botnets. Brian Krebs whose website was taken down by this type of attack commented again on the weekend following the attack on Dyn:
“…the source code that powers the “Internet of Things” (IoT) botnet was publically released… The malware, dubbed “Mirai,” spreads to vulnerable devices by continuously scanning the Internet for IoT systems protected by factory default usernames and passwords.”
Clearly the malware is becoming more sophisticated and more potent. A depiction (by Downdetector.com) of the outages caused by the attack on Dyn paints a worrying picture.
What can we do about it? Should we care?
Let’s say you don’t use Twitter or Amazon or Spotify or Netflix, or any of the other affected websites/services but your DVR, webcam or other internet connected device was used. Well first of all your own device has been compromised and could be used against you – who would want their baby monitor being controlled by a stranger? Other than your personal privacy and security, your devices being part of a botnet on this scale could be utilised for something massive – I mean other than you not being able to listed to your favourite music service. Can you imagine a DDoS attack or worse on National Critical Infrastructure?
Part of the onus is on us as consumers of these internet connected devices to make sure that the default user name and password is changed. It’s not hard but IoT is putting these items into the hands of people who are not technically minded or do not want to have to do these things. So the responsibility also falls into the hands of the manufacturers – some of whom are already starting to implement unique user ids and passwords for each device – the question is how long before they all increase their security?
Perhaps the easiest approach is to secure your smarthome. As more and more internet connected technologies enter our homes, we should look at cybersecuring our homes in the same way we have alarms and locks on our doors and windows.
Infosec Partners can help
Concerned that your organisation isn’t prepared for a DDoS attack, or worried that your Internet connected devices at home might have been breached? We can help. From stress testing significant organisation’s security strategy and resilience to attacks including DDoS, to securing exclusive estates using full home-automation and IoT technologies, Infosec Partners are proven experts in full-spectrum cybersecurity and a team you can trust.
For your free consultation, complete the adjacent form or to speak with trusted advisor immediately call us on +44 (0)1256 893662.