Has anyone noticed that Twitter, Netflix, Github, Reddit, Spotify, Etsy, Soundcloud, Heroku, Shopify and other major websites went down recently?
Here is what happened. Dyn Inc., an internet company in Manchester, New Hampshire, said its servers were hit by a distributed denial-of-service attack.
The attack targeted servers belonging to DNS provider Dyn Inc. Which basically means that the system that matches domain names like Google.com or Yahoo.com to the right IP addresses got attacked and disrupted so if you are trying to access any of the websites that got affected, their servers are unable to respond properly to your website access request.
Researchers say that a specific malware named Mirai might be the culprit. Recently, their source code has been published publicly.
This type of attack does not require a lot of money nor resources to execute. IF the code has been modified somehow, it can easily exploit security vulnerabilities among thousands and thousands of devices connected to the internet such as webcams, botnets, IoT devices such as thermostats and fridges to unleash massive traffic that can paralyze network traffic flow.
Although DDoS attacks have been around for a long time, today’s hackers have more devices they can utilize for an effective attack in the form of internet connected devices like cameras, thermostats, lights and much more.
The Mirai malware allows a would-be hacker to scan the internet to scan for devices they can take over and make it a part of their “botnet” which they can use for their attack.
Botnets used to attack porn and gambling related websites which they basically extort money from. However if such an attack is done to a company line Dyn Inc., a lot of internet services gets shut down.
Security researchers were able to narrow down where the attacks have been coming from. The bulk of the traffic came from Chinese made IP cameras, video recording devices, thermostats, lighting and other components. The reason being is that the components offer little or no protection at all which makes it easier to exploit.
A lot of these components were put into other devices and were basically rebranded; making it hard to tell where they ended up. Their research shows that most of them ended up in Vietnam, Brazil, Taiwan and China.
These attacks may not be that sophisticated, but it is by sheer volume that it is service affecting.
It is about time that hardware-level security needs to be increased and adapted. Software patches and firmware upgrades are also necessary.
These companies that manufacture the devices need to step up a bit and have these patched up to avoid future issues.