Last week started well and ended with a shocker on Friday that has got the tech world still talking. Around 7:10AM ET/12 Noon Nigerian, Dyn was a target of a DDoS attack which in turn affected sited like Twitter, Netflix, Amazon, Spotify, PayPal etc. in some parts of the United States.
As you might expect, the blame game started to pour in and the two big questions at the time were;
Right now, we may know how it happened but it’s still not clear who’s behind it as the United States government is now investigating.
How it happened
The attacks were carried out using criminal botnets that were infected with Mirai; a type of malware that can used to take over the internet-of-things (IoT) as we know it. The IoTs are connected devices that range from your light bulb to wearables and the moment a bad actor is able to crack your password on these devices, they are able to do just about anything.
In the case of what happened on Friday though, DVRs and cameras were used. In fact Hangzhou Xiongmai Technology which is a Chinese company that make such devices confirmed that some of its products played a role in the attacks. The hackers were able to get on these devices after they were able to crack some weak passwords which helped them to infect these devices with the Mirai malware. They have since asked users of their DVRs and cameras to change their passwords.
Mirai continuously scans the internet for Internet of things (IoT) devices and infects them by using a table of common factory default usernames and passwords to log into them. This malware’s source code exists on the dark web (the other side of the internet that’s used to do all kinds of stuff including illegal) and security experts had always known that this day would come but at this point it looks like some bad guys out there can strike at any time again.
While investigations are on by the American government, the first step to take to protect yourself is to change those weak passwords and probably change them constantly. But companies (manufacturers and network providers) are going to have to come up with ways to make these devices more secure.
I hate to the bearer of bad news but it looks like these guys could strike soon again.
Paul Balo is the founder of TechBooky and a highly skilled wireless communications professional with a strong background in cloud computing, offering extensive experience in designing, implementing, and managing wireless communication systems.
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behaviour or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
