It’s Halloween today and everywhere you look, spooky and scary themes abound; from costumes to decorations and in the media. And though clowns may be our worst nightmares, there may be one thing scarier that can haunt us forever: having your own personal devices turning on you.

You may have noticed that Reddit, Twitter, and other popular sites had some connectivity issues last weekend. However, what seemed to be just a temporary glitch turned out to be a much scarier turn of events. Turns out there was a major cyber security attack on Dyn (Internet performance management company), and what’s really horrifying was that the attack was executed with the use of common IoT-enabled devices within many of our homes.

The Domain Name System (DNS) DDoS attack that occurred on October 21 most likely used hijacked cameras, home automation devices and internet-enabled appliances by detecting factory-supplied passwords. They send an excessive amount of valid traffic with deterministic and nondeterministic intent.” – Russell Couturier, SecurityIntelligence

Fast facts – what we know so far:

  1. Dyn said attacks were coming from millions of internet addresses, making it one of the largest attacks ever seen. Security experts said it was an especially potent type of distributed denial-of-service attack or DDoS, in which attackers flood the targets with so much junk traffic that they freeze up.” (Reuters)
  2. The attack used a botnet Mirai, a piece of malware, which utilizes IoT-enabled devices remotely to cause major disruptions.
  3. Many of the hacked IoT-enabled devices ranged from webcams, DVRs, and routers–and a majority of these devices had passwords that had never been changed from their factory-issued login IDs and passwords. (A great reminder to all of us to continue with secure password practices.)
  4. The US Department of Homeland Security is currently still investigating the issue.
Security for IoT

 

More info on the Dyn attacks

What now?

Knowing what we currently do know, can we all just take a moment and re-acquaint ourselves with good security practices? It’s always a good idea to routinely change our passwords, but how do we prevent more sophisticated hackers?

Read the following articles from developerWorks Security to protect your data, networks, and devices:

Save

Save

1 comment on"Attacks on Dyn cause major internet disruptions"

  1. Kelley Greeson November 01, 2016

    Interesting post. I hadn’t heard about this event. But I’m now considering this in my current planning to use more IoT devices in my home and business. Thank you, Jina, for your timely post.

Join The Discussion

Your email address will not be published. Required fields are marked *