Last Friday many Americans woke up to extremely slow or nonexistent internet services after a cyber attack "of unknown origin" on DNS service provider DYN took down much of the internet in the North East. As the day wore on, the attack spread across the country taking out numerous large websites including Twitter, Spotify, Reddit, eBay and the New York Times (we wrote about it here: "DNS Cyber Attack Returns As Northeast Internet Traffic Grinds To A Crawl For Second Time").
Some immediately accused Putin of taking down the US internet in retaliation for accusations of cyber attacks on the Democratic party and Hillary Clinton, although there was no official statement from the US.
Now, while the origin of the attack is still unknown (even though we're sure that Hillary's "17 intelligence agencies" have their suspicions), we're getting a better idea of how the attack was executed. According to Bloomberg, Internet-connected CCTV cameras made by a Chinese firm, Hangzhou Xiongmai Technology Co., were infected with malware that allowed hackers to takeover "tens of millions" of devices to launch the distributed denial-of-service (DDoS) attacks.
A Chinese security camera maker said its products were used to launch a cyber-attack that severed internet access for millions of users, highlighting the threat posed by the global proliferation of connected devices.
The attackers hijacked CCTV cameras made by Hangzhou Xiongmai Technology Co. using malware known as Mirai, the company said in an e-mailed statement. While Xiongmai didn’t say how many of its products had been infiltrated, all cameras made before September 2015 were potentially vulnerable.
The attack, which took down sites including Twitter, Spotify and CNN for long stretches, underscored how hackers can marshal an increasing number of online gadgets, collectively known as the Internet of Things, to disrupt the internet on an unprecedented scale.
“Mirai is a huge disaster for the Internet of Things. XM have to admit that our products also suffered from hacker’s break-in and illegal use," Xiongmai said in its e-mail.
Security professionals have anticipated an increase in attacks from malware that target connected gadgets. In Friday’s instance, hackers launched a distributed denial-of-service (DDoS) attack using tens of millions of malware-infected devices connected to the internet, according to Kyle York, Dyn’s chief strategy officer.
Seems the "internet of things" has it's downsides.