The U.S. government said Monday that it will release in the coming weeks a set of principles for securing the Internet of Things, or Internet-connected devices, which were employed partly by hackers to carry out Friday’s cyberattacks that disrupted major U.S. websites.
U.S. Secretary of Homeland Security Jeh Johnson said Monday his department is “closely monitoring” events arising from the distributed denial of service attacks on a domain name services company called Dyn on Friday, which caused major services such as Twitter, Paypal and some other U.S. websites to be inaccessible for about two hours for many users, especially those on the U.S. East Coast.
According to Johnson, his department has convened a conference call of about 18 major communication service providers to share information about the incident later that day.
“At this time, we believe the attack has been mitigated,” Johnson said in a statement. “We have shared relevant information with our partners.”
Johnson said this incident was partly carried out by a malware called Mirai that compromises Internet of Things devices, such as surveillance cameras and entertainment systems connected to the Internet.
He said the department’s National Cybersecurity and Communications Integration Center is working with law enforcement, the private sector and the research community to develop ways to mitigate against this and other related malware.
“The Department has also been working to develop a set of strategic principles for securing the Internet of Things, which we plan to release in the coming weeks,” he added.
In a statement released Saturday, Dyn called Friday’s incident “a sophisticated, highly distributed attack involving tens of millions of IP addresses.”
“The nature and source of the attack is under investigation, but it was a sophisticated attack across multiple attack vectors and internet locations,” the company said, confirming that one source of the traffic for the attacks were devices infected by the Mirai botnet.
“We observed tens of millions of discrete IP addresses associated with the Mirai botnet that were part of the attack,” it said.
Mirai is a malware that primarily targets the Internet of Things devices such as remote cameras and home routers, turning them into remotely controlled botnets that can be used in large-scale network attacks, like the one on Friday. Its source code has recently been published in hacker forums as open-source. (Xinhua)