Defrag This


The Attack of the Internet of Things

Kevin Conklin | October 24 2016



UPDATE: According to business intelligence specialist Flashpoint, the DDoS attack against Dyn is likely to have been caused by script kiddies. Suspected nation-state sponsors and hacktivists like New World Hackers are no longer considered to be the culprits.

What happens when IoT security vulnerabilities force devices we rely on every day to strike back? You can't tweet or listen to Spotify, among other things.

DDoS Attack Affects Millions

Many people suffered through frustrating inconveniences like the ones I experienced last Friday morning, when dozens of websites were taken offline for hours. The outage was caused by a Distributed Denial of Service (DDoS) attack against Dyn, one of the largest ISPs around. The leverage points behind the attack stemmed from an inherent IoT security issue: devices with default passwords that became infected with malware known as Mirai.

No Ska rhythms filled my car during my morning commute because Spotify was down. I stood in line for a good amount of time at Starbucks because their remote order app was offline. My first hours at work were impacted by my inability to log in to Basecamp. (Other sites affected included Twitter, Netflix, The New York Times, Reddit, Pinterest, AirBnB and many more.)


While my experiences qualified as First World Problems, on a national level, lower productivity caused by an Internet outage can cost tens to hundreds of millions.

IoT Security Flaws Caused by Weak Passwords

Last Friday's outages were the result of millions of machines acting in a coordinated effort to make it difficult or impossible to access targeted sites. This morning it was reported that a group called New World Hackers, which includes members from Russia, China and India, claimed responsibility.

In other words, the DDoS attack was masterminded by a group of people who took advantage of two fundamental elements of our networked lives: the Internet of Things and the Domain Name System (DNS).

We've populated our lives with a huge array of devices, each capable of receiving and transmitting network traffic. When attacked, that network traffic is routed to its intended destination through the Internet's phone book, a DNS. IoT devices often have weak default passwords and are easy to infect.

On Friday, someone flipped the switch and that malware program affected millions of devices that sent huge volumes of network traffic to the servers belonging to Dyn. The malware was successful in overwhelming the firm's DNS servers and as a result, millions of people couldn't get onto their favorite sites.

Over the weekend Dyn reported that its servers were once again functioning normally.


[Figure: A map from Level 3 shows what areas of the U.S. were most impacted by Friday's DDoS attack.]


One Chinese IoT technology company that produces DVRs and cameras had 500,000 of its own devices infected with Mirai malware, according to internet backbone provider Level 3 Communications. The company admitted that IoT security became vulnerable because their products are preset with weak default passwords that their customers often do not change.

According to The Register, "Source code for the malware leaked online last month, allowing relatively unskilled cybercriminals to use PVRs, routers and more as a platform to launch denial of service attacks."


To make matters worse, yesterday afternoon the hacktivist group Anonymous tweeted "DDos attack comin'."

The Role We Play

If any of those affected machines were attached to your network, your company helped foot the bill to carry out the cyber-attack. In a typical DDoS attack, the infected machines send huge volumes of traffic continuously until the attack source is identified and shut down.

That means we have a role to play in preventing and thwarting these attacks in the future. The pervasiveness and persistence of cybercriminal activity and the lack of IoT security means it is likely that some of the devices on your network are infected with malware. Mitigating the risk of data loss or participation in DDoS attacks, therefore, requires effective monitoring.

For example, a cost-effective network traffic analysis tool alerts IT teams to unusual spikes in traffic in time to allow remediation before there is an impact to your network or internet bill. Log management and analysis is also a means of identifying suspicious activity.
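
A minimal sketch of the spike alerting described above, as an added example (not code from the original post or from any vendor's product): it compares each device's per-minute outbound byte count to that device's own rolling median. The device names, thresholds and byte counts are constructed for illustration.

```python
from collections import defaultdict, deque
from statistics import median


def find_traffic_spikes(samples, history=10, factor=8.0, floor=50_000):
    """Flag per-device outbound spikes against a rolling median baseline.

    samples: iterable of (minute, device, bytes_out), ordered by minute.
    A sample alerts when it exceeds `factor` times the device's median over
    the previous `history` minutes and also exceeds `floor` bytes, so quiet
    devices with tiny baselines do not alert on trivial changes.
    """
    recent = defaultdict(lambda: deque(maxlen=history))
    alerts = []
    for minute, device, bytes_out in samples:
        window = recent[device]
        if len(window) == history:  # no alerts until a baseline exists
            baseline = median(window)
            if bytes_out > floor and bytes_out > factor * max(baseline, 1):
                alerts.append((minute, device, bytes_out, baseline))
                continue  # keep flood traffic out of the baseline
        window.append(bytes_out)
    return alerts


def sample_traffic():
    """Constructed data: a DVR camera that starts flooding at minute 12,
    and a laptop whose traffic is bursty but normal."""
    camera = [20_000, 22_000, 19_000, 21_000, 20_500, 18_000,
              23_000, 20_000, 21_500, 19_500, 20_000, 22_500,
              5_200_000, 5_400_000, 5_100_000]
    laptop = [300_000, 450_000, 280_000, 900_000, 310_000, 260_000,
              400_000, 350_000, 1_200_000, 330_000, 290_000, 410_000,
              380_000, 700_000, 320_000]
    rows = []
    for minute, (cam, lap) in enumerate(zip(camera, laptop)):
        rows.append((minute, "dvr-camera-01", cam))
        rows.append((minute, "laptop-17", lap))
    return rows


if __name__ == "__main__":
    for minute, device, sent, baseline in find_traffic_spikes(sample_traffic()):
        print(f"minute {minute}: {device} sent {sent} bytes "
              f"(baseline {baseline:.0f})")
```

Using the median rather than the mean keeps the laptop's occasional large transfers from inflating its baseline, and excluding alerted samples keeps a sustained flood from becoming the new normal.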


There is no end in sight to the trend toward increasing deployments of ever more intelligent networked devices. Nor is there any evidence that cybercriminal activity will decrease. That puts the onus on IT organizations to increase their vigilance through more effective monitoring paradigms.

Topics: security


Kevin joined Ipswitch in 2015 and leads the company’s product and content marketing practices. He is widely recognized for his product marketing accomplishments in information technologies. He is a serial startup executive, having played instrumental roles in the success of such IT management technology companies as Prelert, VKernel, Mazu Networks and Smarts, Inc. Kevin is also the co-host of the PICNIC Podcast live show (https://picnic-podcast.com/), sharing experiences and best practices, providing a voice of expertise, and educating IT professionals with the latest technology challenges.
