Home Emergency Management News Insecure IoT Devices Central in Major DDoS Attack

Insecure IoT Devices Central in Major DDoS Attack

0

The Internet of Things (IoT), as it's known, has the ring of a friendly and harmless entity. But hackers recently showed the IoT's dark side.

The dark side of the IoT lies in its inherent insecurity; for evidence, look no further than the massive DDoS attack that struck the U.S. on Friday. All told, the attack took down large websites like Twitter, Etsy, Github, Soundcloud, Spotify, and Shopify.

The blame for the attack lies squarely on the thousands of highly insecure IoT devices that dot the U.S. map. And the list of possible culprits is long. The list of connected devices that may pose security concerns includes security cameras, smart thermostats, baby monitors and more.

The Internet of Things (IoT) Generally refers to the connectedness of various devices. IoT devices include phones, buildings, vehicles, and a growing list of appliances and other devices. The IoT is the central force fueling the increasingly connected modern day society.

An historic attack?

Dyn, an Internet Performance Management company, received the brunt of the recent attack. Following the incident, the company released an official statement about the attack in an effort to bring some clarity.

According to Dyn, the Distributed Denial of Service (DDoS) attack on Friday, October 21 targeted Dyn's Managed DNS infrastructure. The company called it an "historic attack" that involved tens of millions of IP addresses. With investigation still pending at the time of the statement, Dyn did specificy the Mirai botnet as one source of the traffic for the attacks. More specifically, devices infected by the Mirai botnet served as a main source.

Mirai botnet

Experts largely corroborated the theory of the involvement of the Mirai botnet in the days following the DDoS attack.

So, while some details remain murky, the belief that hacked cameras, DVRs, and other IoT devices played a major role in the attack remains steady.

One electronics manufacturer in particular -- XiongMai Technologies -- could be an inadvertant main player in the attack. Reports point to compromised digital video recorders (DVRs) and IP cameras from XiongMai Technologies as central to the massive DDoS attack.

Matt Mills Matt Mills has been involved in various aspects of online media, both on the editorial side and on the technology side, for more than 16 years. He holds a Master's Degree in Journalism from Northwestern University's Medill School of Journalism, and is currently involved in multiple projects focused on innovation journalism.