
Attack of the Internet of Things

Our digital world faced a massive cyber-attack on October 21. Popular sites were hit by a DDoS attack that utilized IoT. See how it happened, and what might come from it.

by Priyanka Tiwari · Oct. 31, 16 · News

Cyber-attacks are not new to the internet community. Web admins, IT operations and security professionals, and service providers all have their guard up to prevent service disruptions and mitigate the aftereffects. So why is everyone so shocked about the Friday attacks? What was so different about them? In simple terms: the scale and the source.


How Was This DDoS Attack Different?

A distributed denial of service attack typically uses large networks of compromised servers or computers to send massive amounts of false traffic to the targeted sites, eventually overwhelming them and shutting them down. Does this sound familiar?

It should because, sadly, this is the second massive DDoS attack reported in less than two months. In early September, a security journalist’s website, KrebsOnSecurity.com, got hit with a 620 Gbps attack, nearly double the size of the largest attack Akamai had seen before.

In the case of Friday’s attack, someone overwhelmed the DNS service provider Dyn. DNS service providers act as a bridge between the URLs you type into your browser and the IP addresses associated with them. By targeting a DNS provider, the attackers could bring down the end customers who use Dyn’s service. Dyn confirmed that the multi-wave attacks were carefully planned and executed and involved tens of millions of IP addresses. Dyn also updated the internet community on the mitigation plans of its operations and security teams.

Source of the Attack: The Mirai Botnet?

The biggest concern with this particular attack was the source of the junk traffic: so-called ‘smart’ devices such as Internet-enabled refrigerators, televisions, cameras, printers and other seemingly harmless household appliances. These devices were infected with the Mirai botnet.

The Mirai malware took over vulnerable smart devices that were weakly protected by factory default usernames and passwords. Mirai’s source code was made publicly available on the ‘dark web’, and it clearly reveals the list of device manufacturers, along with the default usernames and passwords, behind the junk traffic.

Proactive Monitoring Tools Can Give a Heads Up

Advanced synthetic monitoring platforms like AlertSite cannot prevent such cyber-attacks, but they can certainly give web administrators and IT ops teams a heads up within the first few minutes of an attack, so that they can take the necessary measures to keep the site from going down for an extended period of time. We saw spikes in DNS data for our customers and notified them about it on Friday.


The run errors seen in the image above triggered alerts and notified the user of DNS issues.
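An added example, not part of the original article and not AlertSite's code: a sketch of the kind of alerting described above, run over constructed synthetic DNS check results. The probe locations, the thresholds and the rule that two locations must agree before alerting are assumptions made for illustration.

```python
from collections import defaultdict
from statistics import median

# Constructed sample data: (minute, probe location, DNS lookup time in ms).
# None means the lookup failed (a "run error" in monitoring terms).
SAMPLE_RUNS = [
    (0, "boston", 42), (0, "london", 55), (0, "tokyo", 61),
    (1, "boston", 40), (1, "london", 58), (1, "tokyo", 63),
    (2, "boston", 44), (2, "london", 52), (2, "tokyo", 60),
    (3, "boston", 410), (3, "london", 57), (3, "tokyo", 62),    # one slow probe
    (4, "boston", None), (4, "london", 930), (4, "tokyo", 59),  # failure + spike
    (5, "boston", None), (5, "london", None), (5, "tokyo", 880),
]


def dns_alerts(runs, baseline_minutes=3, spike_factor=5.0, min_locations=2):
    """Return [(minute, [locations])] for minutes in which at least
    min_locations probes failed or exceeded spike_factor times their
    own baseline median lookup time."""
    by_loc = defaultdict(list)
    for minute, loc, ms in runs:
        by_loc[loc].append((minute, ms))

    # Per-location baseline: median of successful lookups in the warm-up window.
    baseline = {}
    for loc, samples in by_loc.items():
        good = [ms for minute, ms in samples
                if minute < baseline_minutes and ms is not None]
        baseline[loc] = median(good) if good else None

    bad = defaultdict(set)
    for minute, loc, ms in runs:
        if minute < baseline_minutes:
            continue  # warm-up samples only feed the baseline
        base = baseline[loc]
        if ms is None or (base is not None and ms > spike_factor * base):
            bad[minute].add(loc)

    # Requiring several locations filters out a single flaky probe.
    return [(m, sorted(locs)) for m, locs in sorted(bad.items())
            if len(locs) >= min_locations]


if __name__ == "__main__":
    for minute, locations in dns_alerts(SAMPLE_RUNS):
        print(f"minute {minute}: DNS degraded from {', '.join(locations)}")
```

With the sample data, the isolated slow lookup at minute 3 is ignored, while minutes 4 and 5 raise alerts because failures and spikes appear from multiple locations at once.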


Attack of the Internet of Things

Before these attacks, the Internet of Things seemed like a utopia of smart living. A smart home, where every appliance and electronic device is connected and operated at your fingertips, is a ‘dream come true’ for any modern consumer. However, security concerns seemed to take a back seat as brands kept romanticizing the endless possibilities of IoT. We have all read about many instances of IoT devices being hacked from hundreds of miles away.

The Internet of ransomware things by JoyOfTech.com


Mirai malware can penetrate millions of IoT devices and turn them into ‘bots’. Devices infected with the malware can be controlled from a central system and used to launch an attack on one or more websites. There are nearly half a million Mirai-powered bots already running worldwide, according to the telecommunications and ISP company Level 3 Communications.

Going Forward

Forbes claims that hackers are now selling and renting infected IoT devices to trigger future cyber-attacks. $4,600 can buy 50,000 bots and $7,500 can buy 100,000 of these malicious bots. The devices they choose as hosts for this malware are everywhere, and are vulnerable to security breaches because of vendor-defined ‘factory default’ passwords like 1111 or 1234. This means that an attacker can easily build up a vast swarm of such infected devices and send great volumes of traffic towards international targets.

Attacks like these stir up discussion around the root cause of such attacks as well as the prescriptive, predictive and preventive technologies and tools. Organizations can use this opportunity to educate themselves on the topic and remove vulnerabilities, if any. We encourage the users of smart devices (you and I) to understand the vulnerabilities, security measures and impact of such attacks. So please change your usernames and passwords from admin/admin, take password security seriously and keep these smart machines as up to date as possible. Cyber-attacks affect all of us in one way or another, and we are in this together.



Published at DZone with permission of Priyanka Tiwari, DZone MVB. See the original article here.
