Billions of devices are connected to the internet in some way, shape, or fashion. It is simply inevitable. They need it for maintenance, updates, convenience, and functionality. Some devices connect to the internet and you probably barely even knew, if at all. Things like Security Cameras, Smart Door locks, Your TV’s DVR, and some more obvious things like Smart TV’s, and Streaming Devices.
Now the stunning part, all of those devices were used to bring down the sites you love like Twitter, Amazon, and Netflix. Yep. Things like security cameras brought Twitter to its knees. But how?
There was a massive siege on Dyn, a New Hampshire-based company that monitors and routes Internet traffic. This devastating attack proved that the devices made to keep you secure aren’t secure themselves. That would be similar to having a depressed counselor. It doesn’t make sense, does it?
But that is how the Internet of Things (IoT) is. There really is barely anything stopping someone taking control of these devices, because no one ever thought they could be used to bring down billion-dollar companies.
Dyn was hit by something called a Distributed Denial of Service attack, or a DDoS attack. What happens in one of these attacks is that a barrage of devices send fake requests to the servers for information. This prevents real requests from getting through to the server, either severely slowing down services or totally taking them offline.
Right now there is no idea who performed the attack. It could be one very determined person, a group of people, or a government even (but probably not).
The attackers created a digital army of co-opted robot networks, a “botnet,” that spewed millions of nonsense messages at Dyn’s servers. Like a firehose, they could direct it at will, knocking out the servers, turning down the flow and then hitting it full blast once again.
The attack can be seen from the visualization below:
They used a software called Mirai, which brings extreme devastation with little necessary expertise. However, from the day it was released, security experts knew that it posed a threat, yet nothing was done about it.
Mirai insinuates itself into household devices without the owner’s knowledge, using them as platforms to send the sever-clogging messages even as the device continues to do its day job for its true owner.
That breadth of “attack surface,” as security experts call it, is one of the things that makes Mirai so difficult to fight, said Kyle York, Dyn’s chief strategy officer.
“The complexity of this attack is because it’s so distributed. It’s coming from tens of millions of source IP addresses that are globally distributed around the world. What they’re doing is moving around the world with each attack,” he said.
“IoT security has been horribly flawed ever since it first became a thing, largely because of the pace that new products have to go to market, and the fact that designing security is seen by vendors as ‘slowing things down,’” said Casey Ellis, CEO of Bugcrowd, a San Francisco-based computer security service.
“The threat research community needs to find a way to prevent the IoT devices from participating in these attacks. They are valuable to the bot army controller because they are usually always on and have high capacity connections that generate huge botnet power,” said Jeff Schilling, chief of operations and security at computer security firm Armor.
Below is the highest level of device activity during the attack:
What are your thoughts on this? How many devices do you have that can be compromised? Let us know below!