2016-10-24


For several years now companies have been heavily marketing "smart" devices that are supposed to improve every facet of our lives, but were rushed too quickly to market with little to no functional security. As hacked vehicles and refrigerators that leak your Gmail credentials make clear, this is a notable problem. But there's another layer that's raising its ugly head: the fact that these devices can now be hijacked and incorporated into botnets to launch larger DDoS attacks than we've ever seen before.

Last month, a record-setting 620 Gbps DDoS attack was launched against security researcher Brian Krebs.

But since then that record has already been shattered with the help of the internet-of-not-so-secured things contributing to DDoS attacks larger than 1 Tbps. The release of the Mirai source code makes compromising IoT devices for use in botnets easier than ever.

Last week, a DDoS attack leveraged against DNS provider Dyn managed to bring several companies and services to a screeching halt. And according to analysis of the attack by security firm Flashpoint, at least a portion of the attacking army was devices infected with the help of the Mirai malware.

"Mirai malware targets Internet of Things (IoT) devices like routers, digital video records (DVRs), and webcams/security cameras, enslaving vast numbers of these devices into a botnet, which is then used to conduct DDoS attacks," notes the firm. "Flashpoint has confirmed that at least some of the devices used in the Dyn DNS attacks are DVRs, further matching the technical indicators and tactics, techniques, and procedures (TTPs) associated with previous known Mirai botnet attacks."

A separate statement by Dyn confirmed Mirai and the IoT's involvement in the attack.

"We can confirm, with the help of analysis from Flashpoint and Akamai, that one source of the traffic for the attacks were devices infected by the Mirai botnet," said the company. "We observed 10s of millions of discrete IP addresses associated with the Mirai botnet that were part of the attack."

The entire affair is yet another warning that we need to dramatically shore up security of IoT devices lest the next attack, as researcher Bruce Schneier has warned, takes aim at necessary core infrastructure and puts a significant number of lives at risk.
