On Oct. 21, 2016, people from all around the United States reported difficulties with accessing major websites, such as Netflix, Twitter, or Spotify. The problems were a result of a Distributed Denial of Service Attack that was launched on that day and managed to disrupt servers of one of the biggest Domain Name Server hosts in the country, Dyn. Even though such attacks are not a new issue in the information technology, this attack was different as it used internet of things devices instead of regular computers.
Dyn, which is a company that offers Domain Name System (DNS) services, acts as an address book for the internet. A DNS is a system that translates websites’ addresses consisting of words, such as www.saintleo.edu, that are used in everyday life, into IP addresses consisting of numbers. The numbers are needed to display the content that the internet users want to see, as they refer to the servers on which the websites are hosted, according to wired.com.
Every time a user wants to see a website, the address typed into the web browser is translated into an IP address, and a request to an appropriate server is sent. Nevertheless, the servers can only respond to a limited number of request at a time, and it is possible that they receive more requests that they can handle. In such situation, the servers’ functionality might be interrupted, and other users might not be able to access their content, according to wired.com.
In fact, Dyn experienced such a situation on the morning of Oct. 21 as users who tried to access multiple websites that are hosted on the company’s servers reported that they could not do it, or the connection was very slow. Because of the scale of the company, the problems affected the internet users in nearly the whole east coast of the country, and the issues were spread towards the west later during the day, according to Forbes.com.
Wired.com states that the problems were a result of a Distributed Denial of Service Attack (DDoS). In this type of attack, a hacker infects a number of devices with a malicious program. The devices, which at this point are called a Botnet, are then used to send multiple requests to a server that the hacker takes as a target. The requests are sent to exceed the server’s capacity and interrupt its functionality or even make it unresponsive which happens because the server is not able to handle all the traffic.
Nevertheless, the attack that took place on Oct. 21 is not a regular DDoS as the hackers did not use regular computers to create the malicious traffic. Instead, the attackers had decided to infect devices that create the Internet of Things, according to The New York Times. The Internet of Things is a network of devices, such as printers, cameras, baby monitors, or even fridges, which are connected to the internet; but they do not serve as regular computers.
Millions of such devices were used in the attack launched towards Dyn, according to The New York Times. Because the hackers decided to use the Internet of Things, some people might wonder whether it was easier to do than launching an attack with a use of regular computers. The reason the situation is problematic is that more and more of such devices are being connected to the internet, and if their security level is lower that the security level of regular computers, more of such attacks might happen in the future, according to The New York Times.
An assistant professor of Computer Science and Computer Information Systems at Saint Leo University, Dr. Marwan Omar indicates that such devices might easily be used to launch a Denial of Service attack.
“The fact that those devices are connected and have IP addresses enables hackers to leverage that connectivity and use them for attacks such as Denial of Service attacks. Most of those devices have little to no security built into them, therefore, it makes them vulnerable to attacks and that’s why attackers exploit them,” said Dr. Omar.
The devices creating the Internet of Things are less secured than regular computers, and for the hackers, they might be an easier target than a laptop or desktop computer. For the hackers, the information is valuable especially when they plan to launch a DDoS that incorporates a large number of devices. The knowledge that the Internet of Things devices are an easy target for them might help the attackers to plan and launch attacks on a very large scale.
“More and more of our lives go online and we become more open, our openness can be used against us thereby making us more vulnerable to cyber-attacks,” said Dr.Omar. “Devices like cameras and printers are not equipped with security tools such as anti-malware and encryption thereby making them an easy target for cyber criminals,” he added.
These types of attacks might be even more problematic for entrepreneurs than they are for the internet users. While the people who browse the network to search for a website or a specific product might experience latency or unresponsiveness during the search, the entrepreneurs who host websites, online stores, or they simply advertise their product on social media to generate income, lose money with every attack that occurs and affects the services that they use.
Nevertheless, whether it is a regular internet user looking for information or an entrepreneur who has an online business, in order to prevent DDoS attacks, people have to work collectively. Because the main reason the DDoS attacks are so powerful is that a large number of devices are infected, securing the devices might help to prevent the attacks. In order to be infected, the devices have to be vulnerable to the attacks, and very often, the people who use them are the main reason for it as they do not care about security or they are unaware of how their activity on the internet might affect their devices.
“I think many of the attacks that happen nowadays are a result of human error or human negligence. I think we should always make our users part of the solution instead of making them part of the problem. We could educate our users and make them aware of basic security measures such as not clicking on hyperlinks from people they do not know or trust, never download software applications from sources unknown or untrusted and never disclose personal information to people you do not know or trust online,” said Dr. Omar.
Even though DDoS attacks are hard to prevent and stop once they occur, it is possible to decrease the probability of their occurrence. An article presented on thehackernews.com includes few guidelines that could help the users of smart devices connected to the Internet of Things to secure them and prevent future attacks.
Even though some of the guidelines require some technical knowledge, some of them are very easy to follow. The guidelines suggest changing default passwords on the devices that are connected to the network. Because the malicious software checks for default settings on such devices as they are known to the public, changing them might be the first step in preventing the device from being hacked.
Also, the author of the article indicates that it is important always to check if the software installed on such devices is up to date. If it is not, it is possible that it is no longer supported, and thereby, not secured. Therefore, checking for updates periodically might be a good solution to prevent attacks, as well.
More of the guidelines are available on thehackernews.com. Implementing them might not only help the device itself, but also it might contribute to the safety of the whole internet. Even though securing one device might seem to be not important based on the size of the internet. Nevertheless, security of the worldwide web starts with the security of the local networks, such as those in houses or offices. Because such networks are built of multiple devices, maintaining the security of every single one of them, is the key to maintaining the security of the whole network.