Last week, many Internet users found themselves having trouble connecting to websites such as Netflix, Spotify, The New York Times, Reddit, and many other popular websites. The cause of this outage was a series of DDoS attacks conducted by Mirai botnets, which targeted Dyn, a major Internet infrastructure organization.
One of the services Dyn offers is DNS, which allows computers to resolve host/website names to ip addresses. As a result of the attacks, many people were unable to access websites which use Dyn to serve their DNS records.
The botnets which conducted the attack in question are known as “Mirai” botnets. The source code for this botnet aggregator was release a few weeks ago, and as a result of it now being widely available, many attacks have been made using the program. The way this particular botnet works is by abusing Internet connected devices with default/unchangeable passwords. These devices primarily consist of ip cameras and digital video recorders, but can range between anything that’s connected, toasters, refrigerators, maybe even tampons. The program scans the internet en masse to find these devices, takes control of them using default credentials, and then commands each device to flood a host with traffic. One particular ip camera manufacturer came out to admit that “our products also suffered from hacker’s break-in and illegal use.”
This attack brings a new precedent, as it’s been quite a while since a cyberattack has affected so many individual widely used websites at once. Now that possibility of such an attack has been witnessed, it’s possible that even more attacks like this could happen.
(Written by Jon Kinney)
Live twitter feed of Mirai botnet attacks: