Friday’s attack saw some of the biggest players on the web – Twitter, Reddit, Spotify, Netflix and more – go down as the result of a distributed denial of service (DDoS) attack on Dyn, a domain name system provider (DNS). When users can’t get to services we use every day, as was the case with Friday’s attack, it is of concern. Much of the attack traffic came from Internet of Things devices compromised by the Mirai botnet malware.
But on Wednesday, Dyn provided new findings, saying Mirai-infected devices were actually the primary source for Friday’s internet disruption. “While it’s not uncommon for Dyn’s Network Operations Center (NOC) team to mitigate DDoS attacks, it quickly became clear that this attack was different”, said York.
Security researchers found parts provided by Hangzhou Xiongmai were targeted in last week’s cyber attack.
Hackers were able to use home devices in such a way because many have unchangeable factory settings for usernames and passwords – and experts say those made in China are particularly problematic in this respect.
The company has also said that it’s going to release a software patch to increase the product’s defenses against similar attacks in the future.
A massive hacking attack was held a few days ago that leads to the worldwide internet outage.
Baby monitors, web cameras, thermometers, smart TVs, DVRs, even cars are all part of the burgeoning “internet of things”.
What can you do to protect yourself?
The new IoT weapon works by forcing IoT devices to form the massive connected network that is then used to flood websites with requests. This facility allows customers to use products right out of the box without a lengthy setup; however, many users skip over resetting the password at initial use, making the device vulnerable to malicious entities.
“Since [September 2015], XM has set the device default Telnet off to avoid the hackers to connect”, the company said. “The password is hardcoded into the firmware, and the tools necessary to disable it are not present”.
“The devices are often operated with the default passwords, which are simple for bot herders to guess”, Level 3 stated.
“If [the device] connects through your home router, that needs to be properly configured”.
It may have been just a matter of coincidence that at the time of the attack, there were more XiongMai devices available.