Your refrigerator brought down Netflix

Mike McQueen, Multimedia Manager

Possibly the largest cyber attack ever was initiated on Friday, Oct. 20, while the attack affected several countries it seems the United States was hit the hardest.  It is nearly impossible to tell if the United States specifically was the target or if DYN, the company that was hit, is more widely used the U.S. more.  The effects were felt for most of the day, while it disrupted many major websites like Twitter, Netflix, Time-Warner, Spotify and Reddit, to name a few.  
The attacks were perpetrated in three waves throughout the day; as soon as DYN began to get one under control, another began.
The company in question is an obvious target, because their business is to support websites and keep them online by directing traffic and ensuring they stay up. This makes attacking a specific website less attractive because it will be easier for whichever company is supporting that site to shift things on the back end to get it back up and running in short order. On the other hand, attacking a service like DYN allows them to cripple many websites all at once. DYN, for their part, performed admirably and have since posted reports outlining the attack which will be helpful for others to dissect and prepare for the next attack, because there will always be a next attack.
The most important aspect of this incident is the way in which it was performed, not simply that it was a massive DDOS (Directed Denial of Service) attack, but that it was on the back of IOT (Internet of Things) devices.  
DDOS attacks are old hat for hackers, and are performed by taking advantage of something called a botnet, which is a group (think in the hundreds or thousands) of devices infected by a virus placed there by said hacker.  This virus is activated and directs the infected computer to request information from the target server as these requests are multiplied soon servers are overwhelmed and then become unavailable for legitimate users.


Antivirus programs work hard to help clean infected computers, and while a few continue to be infected, most are taking out of the botnet and therefore the hackers must work hard to infect more computers.
Enter the IOT devices.  These include any kind of appliance that connects to the internet from the seemingly silly internet connected refrigerator to internet connected cameras.  Unfortunately there is little to no security for these devices, and now hackers are taking advantage of them.  These devices need more rigorous security from the beginning and regular updates. 

More:

Visit Dyn – and there Updates of the attack

How do DDOS attacks work

Gizmodo Article about this attack

Internet of things Security concerns paper

Facebook Comments Box