A Chinese electronics component manufacturer says its products inadvertently played a role in a massive cyberattack that disrupted major internet sites in the US on Friday.
The attackers used hundreds of thousands of internet-connected devices that had previously been infected with a malicious code that allowed them to cause outages that began in the Eastern United States and then spread to other parts of the country and Europe.
The cyber attack that took down U.S. sites from Twitter and Spotify to CNN, Yelp and the New York Times on Friday was notable for its sheer size but also the fact that it employed internet connected devices, like cameras, to boost its firepower.
“Mirai is a huge disaster for the Internet of Things”, Xiongmai said in an email to IDG News Service.
Mirai infects internet connected devices. Requests to access sites are transmitted through DNS servers that direct them to computers that host websites.
“We are seeing attacks coming from a number of different locations”, said Dale Drew, chief security officer for Level 3 Communications, an Internet services company.
Surveillance cameras are one example of this as the firmware tends to be similar across the board and contains a vulnerability that can easily be exploited, according to Tech Crunch. But the popularity of new internet-connected gadgets has vastly increased the pool of potential devices they can weaponize.
Attacking a large DNS provider can create massive disruptions because such firms are responsible for forwarding large volumes of internet traffic.
In addition, “we observed [tens] of millions of discrete IP addresses associated with the Mirai botnet that were part of the attack”, Dyn wrote. The websites were subjected to distributed denial of service (DDoS) cyberattacks, which attempt to flood a website with too much traffic to impair regular service.
Dyn, an internet performance management company, has revealed problems have been intermittent. To make matters worse, the developer behind Mirai has released the malware’s source code to the hacker community. All the same, it looks as though security experts are not convinced that those now claiming credit actually had anything to do with the hacks. Security firm Flashpoint confirmed a form of malware known as Mirai was used to hack products made by Chinese company XiongMai Technologies. Security experts have noticed the malware tries a list of more than 60 combinations of user names and passwords.