ARTICLE

Hackers Use "Internet Of Things" To Bring Down The Internet

News Image By Daisy Luther/daisyluther.com October 25, 2016
Share this article:

You know all of those cool, sci-fi gadgets that people are beginning to get that are connected to the Internet in their homes?  

The voice-controlled thermostats, the wireless printers and cameras, the home security systems, the food scale that sends the calories to your phone app, those "smart" appliances that text you to pick up milk, and the DVRs that can be programmed via your phone from work?

Apparently, those things may not be so smart after all because they played a big role in the cyber attack that took place last Friday. 


Security analysts believe that Friday's attack on popular websites such as Reddit, Twitter, Netflix, and Spotify was the first one carried out by hackers who used the "Internet of Things."

Heres how the Internet of Things works:

Who else thinks that this is how Skynet got started? Maybe its just me.

The attack was on one service: Dyn.

The massive attack took down the Internet across the country. The website Downdetector provided a map that shows how much of the US was affected:
l3outage-580x330
The attack was on one company, and everything else fell over like a row of dominoes.

All of the companies involved use Dyn, a cloud-based Internet performance management company.

Dyn was the target of the attack, and that, in turn, affected other companies.

Dyn is sort of like a phone book that directs users to the Internet address of the website. On Friday a distributed denial of service attack, (DDoS) affected Dyn by sending thousands of messages at the same time, which overwhelmed the service.

Security company Flashpoint said it had confirmed that the attack used "botnets" infected with the "Mirai" malware. From their site:

Flashpoint has confirmed that some of the infrastructure responsible for the distributed denial-of-service (DDoS) attacks against Dyn DNS were botnets compromised by Mirai malware. Mirai botnets were previously used in DDoS attacks against security researcher Brian Krebs' blog "Krebs On Security" and French internet service and hosting provider OVH. Mirai malware targets Internet of Things (IoT) devices like routers, digital video records (DVRs), and webcams/security cameras, enslaving vast numbers of these devices into a botnet, which is then used to conduct DDoS attacks. Flashpoint has confirmed that at least some of the devices used in the Dyn DNS attacks are DVRs, further matching the technical indicators and tactics, techniques, and procedures (TTPs) associated with previous known Mirai botnet attacks.


Coincidentally, many of the  vulnerable "smart" devices are made in China.

Many of the devices involved come from Chinese manufacturers, with easy-to-guess usernames and passwords that cannot be changed by the user - a vulnerability which the malware exploits. 

According to the BBC:

"Mirai scours the Web for IoT (Internet of Things) devices protected by little more than factory-default usernames and passwords," explained cybersecurity expert Brian Krebs, "and then enlists the devices in attacks that hurl junk traffic at an online target until it can no longer accommodate legitimate visitors or users."

The owner of the device would generally have no way of knowing that it had been compromised to use in an attack.

I'm sure those easy passwords and vulnerabilities aren't deliberate. China would never sneak Trojan horses into the USA, would they?

Originally published at DaisyLuther.com - reposted with permission.




Other News

July 09, 2025From Japan To The U.S - Earthquake Fault Lines Are Awakening

Is there a possibility that a cataclysmic eruption of Mt. Rainier could occur in the not too distant future? On Tuesday morning, Mt. Rain...

July 09, 2025When The Left Wants Blood: The Quiet Slide Toward Political Violence

Democratic lawmakers are hearing increasingly violent rhetoric from their constituents-calls to "break the rules," "fight dirty," and stop...

July 09, 2025The Digital Trap: Europe's Quiet March Toward Total Control

Imagine a world where every transaction you make, every website you visit, every thought you dare to express online is silently recorded, ...

July 09, 2025Shepherds Without Scripture: What Do Today’s Pastors Really Believe?

One in four Mainline clergy doubt the existence of God. These aren't fringe bloggers or deconstructing TikTok influencers. These are the m...

July 07, 2025Hijacking Creation: Scientists May Only Be Years Away From Lab-Made Children

In-vitro gametogenesis - the creation of human sperm and eggs from skin or blood cells--is now just years away. Scientists across Japan, C...

July 07, 2025Death To The IDF? The Disturbing New Normal On The Progressive Left

Once reliably pro-Israel, the Democratic Party has undergone a dramatic reversal on the Israeli-Palestinian conflict-and no demographic re...

July 07, 2025Access Denied: How Age Rules Could Reshape The Internet For Everyone

If identity becomes the new key to the internet, then the next great digital debate won't be about content moderation-it will be about acc...

Get Breaking News