IoT Devices Used to Bring Down the Internet
Last week, millions of IoT devices were used to launch a massive wave of DDoS (Distributed Denial of Service) attacks on the managed DNS service Dyn. The attack brought down a big chunk of Internet in the US. Services for Amazon, Twitter, and many other major sites were down for many users.
This is the first attack of its kind involving IoT devices. Attackers behind the Mirai botnet scanned the Internet for IoT devices that were using factory defaults of stock usernames and passwords, then it hijacked those devices, using them to launch the DDoS attack.
Dyn’s Chief Strategy Officer, Kyle York said in a statement, “We can confirm, with the help of analysis from Flashpoint and Akamai, that one source of the traffic for the attacks were devices infected by the Mirai botnet. We observed 10s of millions of discrete IP addresses associated with the Mirai botnet that were part of the attack.”
Many device manufacturers, including Chinese vendor Hangzhou Xiongmai Technology, whose webcams and DVR were used in the attack, are recalling their devices. But that probably won't fix the problem, since many users may not even be aware of such attacks and will continue to use their IoT devices with default settings.