You may have noticed that the Internet was acting a little strange for a couple of hours last month. This was the result of a massive Distributed Denial of Service attack against one of the biggest DNS providers in the United States. What’s more, in the wake of this attack, professionals have discovered the surprising cause.
First, a little bit about how DNS works. The Domain Name System is an Internet service that looks at a website’s domain name and translates it into an IP address. The DNS service is then responsible for redirecting the traffic to the appropriate IP address. Dyn is one such provider, which means that its affected clients would have had their websites experiencing issues with the name resolution throughout the duration of the attack.
Due to the attacks on Dyn, many sites experienced significant issues on October 21st, 2016. These services include Twitter, Amazon, Tumblr, Reddit, Spotify, and Netflix, among plenty of others. The attack began at roughly 7:00am EST. This first wave of attacks was resolved by Dyn within two hours, but a second wave struck around 1:00pm, which was resolved in just over an hour. Dyn claims that at no point during the attacks was there a network-wide outage. A third attack was soon thereafter mitigated without affecting customers, and according to NetworkWorld, the attacks continued until well past 7:00pm.
The DDoS attacks themselves are somewhat interesting. It’s clear that this was a very sophisticated attack, involving 10s of millions of IP addresses, all flooding Dyn’s services with network traffic. The results were felt all around the world in regional Dyn data centers.
The root of the cause: a botnet created by devices infected by the Mirai malware. The way that Mirai works is by searching through the Internet for Internet of Things devices that haven’t changed their default usernames and passwords. It’s estimated that, in addition to other suspected botnets, these attacks utilized somewhere between 50,000 to 100,000 IoT devices, including cameras and DVRs.
This event just shows how dangerous Internet of Things devices can be when mishandled, as well as why it’s important that your employees secure their devices. This is especially true if your employees actively use Internet of Things devices in the office on your company network. A mobile device management solution offers your business the best way to keep your business’s devices protected. Any good Bring Your Own Device policy should include a mobile device management solution that can control access to data and secure devices from external and internal threats.
To learn more, reach out to us at (954) 739-4700.
Comments