I hate it when the world mocks a recent column. Two weeks ago I extolled the virtues of Internet of Things devices. This week, they helped cripple large parts of the Internet for the better part of a day.

On Friday the 21st, users were unable to reach sites like Twitter, Pinterest, CNN and many others. These sites all used the DYN Corporation to manage their DNS services.

When you type in an Internet address, like InsideNova.com, the request is first routed to a Digital Name Service server. There the name is found in a database, and a number is returned to your browser. That number tells your browser where to find the actual InsideNova web server on the net.

If that DNS server is down, then your browser will not find the content you are seeking.

DYN manages the DNS servers for the companies that became unreachable Friday. DYN was attacked by an unknown entity using a denial of service attack, or DOS for short.

In a DOS attack, a site is flooded with traffic, overwhelming its servers so they cannot do their job. Think of a million mailmen all trying to put mail into your mailbox at the same time. Not all of them could stuff mail at the same time, and the little box would be overwhelmed.

Friday’s DOS came in two separate attacks from an astonishing tens of millions of Internet addresses. By attacking this one site, the attacker was able to hobble many sites instead of just the one they were attacking.

If just one computer tried to flood another in a DOS attack, it would be easy to know where the attack was coming from and block it. To avoid detection, DOS attackers created botnets to infect PCs. They might trick you into opening an email attachment that would install the botnet or sneak it onto a PC another way.

A lot of times when your computer is infected by a virus, that virus did not harm your PC or even copy information from it to another PC. Instead it became partially under the control of a bad actor. When they wanted to mount a DOS attack, they could order their army of botnets on PCs like yours and mine all over the world to begin flooding the target site with traffic. If you and I were alert, we might notice our outgoing internet traffic was higher than it ought to be, but few of us would notice.

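One way to do that noticing automatically, as an added example that is not part of the original column: the script compares each device's newest hour of outgoing traffic with that device's own usual level. The counter format, device names, numbers and thresholds are all constructed assumptions; a real router exports its counters in its own format.

```python
import statistics

# Constructed sample (not real measurements): one line per home device,
# hourly outbound byte counts, oldest first; the last value is the newest hour.
SAMPLE_COUNTERS = """\
laptop      400000 900000 300000 1200000 500000 800000 600000 1000000
camera      20000 22000 19000 21000 20000 23000 21000 950000
thermostat  1500 1400 1600 1500 1450 1550 1500 1480
doorbell    5000 5200
"""

def parse_counters(text):
    """Return {device: [bytes_out, ...]} from whitespace-separated lines."""
    devices = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 2:
            continue  # skip blank or malformed lines
        devices[fields[0]] = [int(v) for v in fields[1:]]
    return devices

def flag_outbound_spikes(devices, k=6.0, min_history=4, min_bytes=100_000):
    """Flag devices whose newest hour is far above their own baseline.

    Baseline is the median of the earlier hours; spread is the median absolute
    deviation (MAD), which a single earlier burst skews less than a mean would.
    k, min_history and min_bytes are illustrative values, not tuned ones.
    """
    flagged = {}
    for name, samples in devices.items():
        history, latest = samples[:-1], samples[-1]
        if len(history) < min_history:
            continue  # too little history to know what is normal
        baseline = statistics.median(history)
        mad = statistics.median([abs(v - baseline) for v in history])
        threshold = baseline + k * max(mad, 0.05 * baseline)
        if latest > threshold and latest >= min_bytes:
            flagged[name] = (latest, baseline)
    return flagged

if __name__ == "__main__":
    report = flag_outbound_spikes(parse_counters(SAMPLE_COUNTERS))
    for name, (latest, baseline) in report.items():
        print(f"{name}: {latest} bytes out last hour, usual is about {baseline:.0f}")
```

Because each device is judged against its own history, the busy laptop is left alone while the normally quiet camera stands out.
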
This is where Internet of Things devices enter the picture. When we began adding home automation hubs, internet connected lights, thermostats, sensors, etc., the manufacturers did not pay as much attention as they should have to the security of those devices.

And we users are often lazy and do not change the default passwords that come with the devices. That made it easy for botnets to install themselves on the tiny devices in our home and, on command, join an attack on a site.

Amazingly, the botnet software is available for free on the Internet. DYN announced they discovered it was the Mirai botnet software used against them.

DOS attacks are not only easy to do but non-technical types can also purchase DOS attacks online for about $150 a week. Does a business competing with yours take a lot of online orders on their website? For $150 you can cripple their order-taking for a week.

We ordinary users can help combat botnets enslaving our PCs and devices. For the PCs, install anti-virus software and keep it current. Download and check your system with MalwareBytes to find bad software.

If you have an Internet connected device, learn from its manual or the manufacturer’s website how to change its default password, and update the device’s firmware to the most recent version. Reboot the device and then as soon as it comes back online, change its password. It takes only a few minutes for the Mirai botnet to find devices new to the Internet and, using their default passwords, infect them.

This is especially critical for Internet connected video baby monitors and security cameras. There are sites where you can see other people’s video feeds if they have not changed their camera’s default password.

These attacks may have been just mischief. Or they could be a national enemy learning how to bring down parts of our infrastructure should they ever want to mount a larger attack. Other DOS attacks demand money to stop. Anything we can do, by securing our home devices, helps thwart them.