The vulnerability of the Internet of Things became the weapon behind a cyber attack in the U.S. on Friday, October 21st.
Last Friday morning, starting at 7am Eastern Time, services such as Twitter, Spotify, Netflix and Reddit were taken offline. These companies all use the DNS service of the same company, Dyn. A DDoS (distributed denial of service) attack on Dyn’s servers caused the incident.
According to Dyn, tens of millions of devices around the world were used to bombard its servers with traffic. According to security analysts, the hackers hijacked a vast number of IoT devices and linked them into a massive botnet controlled by the Mirai malware to carry out the attack.
Mirai was born from, and thrives on, the weak security of smart home devices. IoT devices are often poorly protected, which makes them easy targets for hackers. For example, many devices have default usernames and passwords. Once Mirai finds a way to access a device’s credentials, the malware hijacks the device and adds it to the botnet.
Moreover, many of the devices involved in this attack were made by a Chinese manufacturer, XiongMai Technologies. The company makes IoT components and sells them to vendors for use in their own products. This means that millions of IoT devices using XiongMai’s user account settings can be hijacked, including security cameras, smart home devices and baby monitors.
Users would not notice that their devices have been used as weapons in cyber attacks. End users also usually cannot modify the credentials themselves, so it is difficult to protect these vulnerable products. According to Flashpoint Security’s data from October 6th, there are over 515,000 devices that could be hijacked in this way.
Three separate DDoS attacks hit Dyn’s servers. Because Dyn provides domain name service for hundreds of major websites, popular web services were shut down throughout the day.
This large attack has raised concerns about the security of IoT devices. Traditionally, cyber attacks target a single website to shut down its service. With the increasing number of IoT devices, attacks like this one on Dyn might become more common in the future. They become more powerful and threaten more businesses with each attack.