On Friday, Oct. 21, hackers used millions of everyday internet-connected devices such as printers, refrigerators, cameras and so on to launch an unprecedented attack on a critical part of the Internet.
Last Friday’s Internet Attack
According to Fortune, last Friday’s internet attack was a success for its initiators, affecting the websites of major companies like Twitter, Netflix and Amazon for hours at a time. Hackers assembled a botnet army of internet-enabled devices by using a publicly available source code. The malware infected IoT devices were then directed to send massive waves of junk requests to a DNS provider.
The attack stopped the New Hampshire-based Dyn internet provider from carrying out its job of acting as a switchboard for the internet. As a result, internet users could no longer reach various popular websites. Other attacks are likely on the way, as the compromised devices that make up the botnet army are still out there unpatched.
According to internet security experts, much of the blame for Friday’s internet outage falls on the companies whose inadequate security standards made the attack possible. Among the alleged culprits are included top brand names such as Xerox, Samsung and Panasonic printers, according to the specialized website krebsonsecurity.com. The names on the list also include lesser known makers of web cameras and routers that reportedly made up the bulk of the botnet army.
New IoT Weapon
According to Computerworld, the new IoT weapon used in last Friday’s huge internet attack also took advantage of the products manufactured by a Chinese electronics component producer. The malware known as Mirai used vulnerabilities of these IoT products in order to perform the massive cyber attack that disrupted major internet sites in the U.S. Hangzhou Xiongmai Technology, a vendor behind internet-connected cameras and DVRs, said on Sunday that the IoT weapon exploited security vulnerabilities in its products such as weak default passwords.
According to security experts, the Mirai IoT cyber weapon has been infecting the devices in order to use them to launch huge distributed denial-of-service attacks. Mirai posed a huge risk for the Internet of Things, facilitating the illegal use of devices and hacker’s break-in. The new IoT weapon works by forcing IoT devices to form the massive connected network that is then used to flood websites with requests. This is effectively taking the sites offline by overloading them.