Last Week’s Denial of Service Attack
By this time, most of you have read, or are aware of, the massive internet disruptions that occurred on October 21. Many popular sites, including Twitter, Amazon, PayPal, Netflix, and others, became unavailable. The cause of this was a highly sophisticated denial of service attack on their DNS service provider, Dyn.com. What most people don’t realize is that attacks such as this are only possible because the average computer user may have unknowingly helped the hackers. If this sounds absurd, then this blog post is for you. Learn how to protect your network from being used by hackers for their nasty deeds.
To fully understand the risks associated with these types of attacks and how our personal and business computers play a role, let’s first look at what happened last week.
On October 21, Dyn’s servers became overwhelmed with internet traffic, so much so that they could not provide critical services for their clients’ websites. This flood of traffic essentially created a traffic jam…nothing moved. All of this internet activity was initiated by hackers who used millions of devices around the world to send normal internet requests, at the same time, to Dyn’s servers. This type of attack is called a Distributed Denial of Service (DDoS) attack. DDoS attacks have been occurring for years, but never on such a large scale. So, where did the hackers get all of those devices that were required to conduct such an attack? From all of us.
DDoS attacks require lots of internet traffic to be effective. Many of us know that as internet traffic goes up, speed goes down. The classic example of this is when a popular band is coming to town and online ticket sales open to the public. Users usually experience a slowdown, or cannot access the ticket site at all, due to the large amount of traffic. In this case, the traffic is legitimate. In a DDoS attack, the hackers essentially create an enormous amount of bogus traffic. They do so by commandeering millions of computers and other network devices and instructing those systems to send requests to one or more websites at a specific time. But how do they do this?
In the case of the Dyn attack, the hackers used a program called Mirai to scan the internet for connected devices that are protected only with their default usernames and passwords. Once they have access to the device, they instruct the device to send an internet request to a Dyn website. In this case, they were able to commandeer tens of millions of devices. These devices were primarily webcams, DVRs, VoIP phones, network printers and routers. The FBI has also issued a list of other devices that are highly susceptible to being infiltrated: network attached thermostats, door locks, garage door openers, heart monitors, smart TVs, baby monitors and almost any item that is connected to your home network. The risk of using these non-computing devices on your network extends beyond just DDoS attacks. If a hacker can access the device, they can then access other devices on the network such as computers, tablets and smartphones. Once they have access to these computing devices, they can launch various types of malware designed to spy on your activities, capture your passwords, and lock your data…almost anything.
So, to protect yourself from hackers using your devices to launch attacks both within your network and beyond, here’s what the experts recommend:
Set strong passwords on your router (do not use the default passwords that came with your router)
Many routers allow more than one network to be set up; if yours does, use one just for your non-computing devices and another just for your computing devices
Disable Universal Plug and Play (UPnP) on your router
Many of the devices that can now connect to your wireless network have little to no security features. Before you purchase a wireless device that will attach to your network, be sure the device has the ability to be password protected. If so, make sure you use a strong password; do not rely on the password that came with the device. Also, make sure its firmware can be updated. If a manufacturer discovers a vulnerability within a device, they will typically release a firmware update. You need to have a device that will notify you that new firmware is available.
In summary, security is becoming more complex and more important than ever. The hackers who prey on people and businesses are becoming increasingly sophisticated. If there is just one thing you can do to increase your on-line security, it’s this: don’t blindly add things to your home or business network without ensuring they are secure, and then make sure you keep them secure by using strong passwords and updating their firmware when required.
Resources used for this article:
FBI Cyber-crimes website (https://www.fbi.gov/investigate/cyber)
Krebs on Security (www.krebsonsecurity.com)
Plus other sites too numerous to mention