Author

Matt Mills

Browsing

The Internet of Things (IoT), as it’s known, has the ring of a friendly and harmless entity. But hackers recently showed the IoT’s dark side.

The dark side of the IoT lies in its inherent insecurity; for evidence, look no further than the [link url=”https://amuedge.com/major-ddos-attack-slams-east-coast/” title=”massive DDoS attack”] that struck the U.S. on Friday. All told, the attack took down large websites like Twitter, Etsy, Github, Soundcloud, Spotify, and Shopify.

The blame for the attack lies squarely on the thousands of highly insecure IoT devices that dot the U.S. map. And the list of possible culprits is long. The list of connected devices that may pose security concerns includes security cameras, smart thermostats, baby monitors and more.

The Internet of Things (IoT) Generally refers to the connectedness of various devices. IoT devices include phones, buildings, vehicles, and a growing list of appliances and other devices. The IoT is the central force fueling the increasingly connected modern day society.

An historic attack?

Dyn, an Internet Performance Management company, received the brunt of the recent attack. Following the incident, the company [link url=”http://hub.dyn.com/static/hub.dyn.com/dyn-blog/dyn-statement-on-10-21-2016-ddos-attack.html” title=”released an official statement”] about the attack in an effort to bring some clarity.

According to Dyn, the Distributed Denial of Service (DDoS) attack on Friday, October 21 targeted Dyn’s Managed DNS infrastructure. The company called it an “historic attack” that involved tens of millions of IP addresses. With investigation still pending at the time of the statement, Dyn did specificy the Mirai botnet as one source of the traffic for the attacks. More specifically, devices infected by the Mirai botnet served as a main source.

Mirai botnet

[link url=”https://krebsonsecurity.com/2016/10/hacked-cameras-dvrs-powered-todays-massive-internet-outage/” title=”Experts largely corroborated”] the theory of the involvement of the Mirai botnet in the days following the DDoS attack.

So, while some details remain murky, the belief that [link url=”https://krebsonsecurity.com/2016/10/hacked-cameras-dvrs-powered-todays-massive-internet-outage/” title=”hacked cameras, DVRs, and other IoT devices”] played a major role in the attack remains steady.

One electronics manufacturer in particular — XiongMai Technologies — could be an inadvertant main player in the attack. Reports point to compromised digital video recorders (DVRs) and IP cameras from XiongMai Technologies as central to the massive DDoS attack.

[relink url=”https://amuedge.com/iot-devices-targeted-large-scale-attacks/” url2=”https://amuedge.com/symantec-iot-devices-heavily-targeted-hackers/”]

Emergency and disaster management briefing for October 7, 2016: Hurricane Matthew approaches Florida as officials order more than 2 million to evacuate, various regions in southeastern U.S. make emergency declarations in anticipation of maybe the most powerful storm to hit the U.S. in 10 years, the death toll in Haiti associated with Matthew rises sharply, investigators determine that the speed of the New Jersey commuter train was twice the legal limit when it crashed, firefighters make quick progress on a big Colorado blaze, and Russia warns the U.S. not to intervene in Syria.

Emergency and disaster management briefing for September 26, 2016: Washington authorities capture the suspect of a deadly mall shooting, Charlotte officials release video of a fatal police shooting and lift a citywide curfew, certain states take steps to limit the future release of police footage, heavy rains cause major flooding in parts of the Midwest, New York officials aim to overhaul the smartphone emergency alert system, Native American tribes battle against oil pipeline construction, and the USDA recalls meat products due to E. coli concerns.

Emergency and disaster management briefing for September 23, 2016: Tulsa County charges police officer Betty Shelby with manslaughter, Charlotte protests continue for a third night, the debate about releasing the Charlotte shooting video intensifies, Yahoo announces the largest known data breach ever, a migrant boat carrying hundreds capsizes off the coast of Egypt, firefighting crews make major progress battling a California fire, and LaGuardia Airport has a major scare.

Emergency and disaster management briefing for September 16, 2016: A gasoline pipeline spill in Alabama causes big problems on the East Coast, scientists say that moon phases can trigger large earthquakes, Tropical Storm Julia lingers near the Carolinas, a Columbus police officer fatally shoots a 13-year-old, Zika cases continue to rise in Florida, and both West Virginia and Louisiana struggle to recover from devastating floods.