How the Dyn DDoS attack crippled the internet and how to protect yourself from similar attacks
Imagine life in your city if all of the street signs suddenly vanished.
That is fairly close to what happened on large parts of the internet last week after a series of large and sophisticated Distributed Denial of Service (DDoS) attacks on US internet performance management company Dyn.
With Dyn effectively providing the easy-to-read internet addresses for a host of big companies, including Twitter, Amazon, Reddit, Netflix, the New York Times, Pandora and Pinterest to name a few, millions of internet users who just type in these names were suddenly left flying blind.
There are many theories about where the attack might have come from and what motivated it but the important thing is to work out how to limit your vulnerability to such an attack.
This is thought to be the largest DDoS attack ever perpetrated and it used two special ingredients – smart home devices that are part of the internet of things and a recently released botnet known as Mirai.
The Mirai botnet grabbed control of these smart devices and then used them to send requests to Dyn from tens of millions of different IP addresses, effectively jamming Dyn’s computer servers.
It shows that the “Internet of Things” can be a two-edged sword and can literally “break the internet”, particularly if many of the smart devices people own can be easily hijacked and used in this sort of attack.
So what can you do to prevent being part of such attacks?
Well, one of the easiest ways is to make sure that you turn off remote access to cameras, printers, routers and other smart devices on your network if you can.
If the device lets you restrict access to your local network only, that can also be an important safeguard.
Another thing to be careful about is leaving default usernames and passwords such as root/root or admin/admin in place, which are easy for criminals and hackers to use. No matter how secure you think the default password might be, always change it to something secure. You should not need to log in to these devices very often, so making the password long and random should not be a problem, but make sure to record it somewhere safe because you will probably not remember it.
There are many other things to consider from a home or business perspective.
Are all of the firmware updates on your router applied, and are your operating systems patched and up to date? If the device can be set up to update automatically, consider enabling this capability so that security holes are closed progressively.
Consider a stronger firewall – even for home – and remember to always check any new smart devices thoroughly for firmware updates and to turn off remote access BEFORE adding them to your network. Your firewall should also be configured to deny external access to devices on your network, leaving only publicly available services accessible to the Internet.
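The checks described above can be run against a list of your own devices. The following is an added example, not part of the original article; the device records, field names and the 16-character password minimum are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Default pairs named in the article; extend with your own vendors' defaults.
DEFAULT_CREDENTIALS = {("root", "root"), ("admin", "admin")}
MIN_PASSWORD_LENGTH = 16  # assumption: "long and random" read as >= 16 chars

@dataclass
class Device:
    name: str
    username: str
    password: str            # pass in at run time; keep real ones in a password manager
    remote_access: bool      # internet-side / vendor remote admin enabled
    auto_update: bool
    forwarded_ports: list = field(default_factory=list)  # firewall forwards to this device
    public_ports: list = field(default_factory=list)     # services meant to be public

def audit(device):
    """Return the findings for one device; an empty list means it passes."""
    findings = []
    if (device.username.lower(), device.password.lower()) in DEFAULT_CREDENTIALS:
        findings.append("default credentials in use")
    elif len(device.password) < MIN_PASSWORD_LENGTH:
        findings.append("password shorter than %d characters" % MIN_PASSWORD_LENGTH)
    if device.remote_access:
        findings.append("remote access enabled")
    if not device.auto_update:
        findings.append("automatic updates disabled")
    # A forwarded port that is not a deliberately public service is exposure.
    unexpected = sorted(set(device.forwarded_ports) - set(device.public_ports))
    if unexpected:
        findings.append("ports reachable from the internet: %s" % unexpected)
    return findings

def audit_all(devices):
    """Map device name -> findings, listing only devices that need attention."""
    report = {}
    for device in devices:
        findings = audit(device)
        if findings:
            report[device.name] = findings
    return report

# Constructed sample inventory (not real devices or credentials).
INVENTORY = [
    Device("hall-camera", "admin", "admin", True, False, [23, 8080]),
    Device("printer", "admin", "k3Vq-9xTz!mP2r_LwY7d", False, True),
    Device("web-server", "ops", "Zt8#qLm2vX9@rBn4Ws6e", False, True, [22, 443], [443]),
]

if __name__ == "__main__":
    for name, findings in audit_all(INVENTORY).items():
        print(name, "->", "; ".join(findings))
```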
DDoS attacks are no longer minor inconveniences and may become bigger and more damaging as botnets amplify their impact. Although DNS remains vulnerable to attack and needs better security, other services may also be targets in the future.