It’s Halloween today, and everywhere you look spooky and scary themes abound, from costumes to decorations to the media. And though clowns may be our worst nightmares, there may be one thing scarier that can haunt us forever: having your own personal devices turn on you.
You may have noticed that Reddit, Twitter, and other popular sites had some connectivity issues last weekend. However, what seemed to be just a temporary glitch was something much scarier: a major cyber security attack on Dyn (an Internet performance management company). What’s really horrifying is that the attack was executed using common IoT-enabled devices found in many of our homes.
“The Domain Name System (DNS) DDoS attack that occurred on October 21 most likely used hijacked cameras, home automation devices and internet-enabled appliances by detecting factory-supplied passwords. They send an excessive amount of valid traffic with deterministic and nondeterministic intent.” – Russell Couturier, SecurityIntelligence
Fast facts – what we know so far:
- “Dyn said attacks were coming from millions of internet addresses, making it one of the largest attacks ever seen. Security experts said it was an especially potent type of distributed denial-of-service attack or DDoS, in which attackers flood the targets with so much junk traffic that they freeze up.” (Reuters)
- The attack used a botnet built with Mirai, a piece of malware that remotely uses IoT-enabled devices to cause major disruptions.
- The hacked IoT-enabled devices ranged from webcams to DVRs and routers, and a majority of these devices had login IDs and passwords that had never been changed from their factory-issued values. (A great reminder to all of us to continue with secure password practices.)
- The US Department of Homeland Security is still investigating the issue.
More info on the Dyn attacks
- See the complete timeline and a statement on the DDoS attack from Dyn.
- Read “IoT security: An IBM position paper.”
- Read the latest X-Force Exchange collection on the Mirai Botnet.
- Read the blog “IoT devices used in DDoS attacks.”
Knowing what we know so far, can we all just take a moment and re-acquaint ourselves with good security practices? It’s always a good idea to routinely change our passwords, but how do we defend against more sophisticated hackers?
Read the following articles from developerWorks Security to protect your data, networks, and devices:
- “InfoSphere Guardium data security and protection for MongoDB”
- Information protection, Part 1: Information security
- “Use a YubiKey with ISAM”
- Reduce risks to your organization posed by IT operations
- System security and practical penetration testing
- Insider threat