For quite a while, technology experts warned that the millions of Internet-connected “smart” devices we use every day are weak, easily hijacked and could be turned against us.
Well, last Fridays massive attack on Dyn, a New Hampshire-based company that monitors and routes Internet traffic, shows those ominous predictions are now a reality.
An unknown attacker intermittently knocked many popular websites, email servers, and other systems offline for hours Friday, from Amazon to Twitter and Netflix to Etsy. How the breach occurred is a cautionary tale of the how the rush to make humdrum devices “smart” while sometimes leaving out crucial security can have major consequences.
Dyn, a provider of Internet management for multiple companies, was hit with a large-scale distributed denial of service attack (DDoS), in which its servers were flooded with millions of fake requests for information, so many that they could no longer respond to real ones and crashed under the weight. Not only did it knock the servers off line, the repercussion of the servers coming back online with millions of emails waiting to be sent and received caused secondary delays in up time.
Who orchestrated the attack is still unknown. But how they did it — by enslaving ordinary household electronic devices such as DVRs, routers and digital closed-circuit cameras —is established.
The attackers created a digital army of co-opted robot networks, a “botnet,” that spewed millions of nonsense messages at Dyn’s servers. Like a fire hose, they could direct it at will, knocking out the servers, turning down the flow and then hitting it full blast once again.
The specific weapon? An easy-to-use botnet-creating software called Mirai that requires little technical expertise. An unknown person released it to the hacker underground earlier this month, and security experts immediately warned it might come into more general use.
In real life there may not be a 100% solution, however there are things that you can to to lessen the chances or severity of how you may be affected.