Friday, October 21st a massive cyber attack took place, which shutdown Internet giants such as Twitter, Netflix, Spotify and more, leaving people frantically searching for answers after hackers deployed a DDoS (distributed denial of service) on Internet services firm Dyn in the early hours of Friday morning. Wreaking havoc on our most beloved go-to sites, the attack was a beast unlike any we’ve seen.
The attack utilized a botnet made up of “internet of things” (IoT) devices (think: smart TV’s, DVRs, and internet-connected cameras) to take down a major piece of internet infrastructure.
It remains to be seen if this attack will be launched again, but there is no doubt that it inspired would-be hackers to build more botnet armies using the wealth of unsecured IoT devices and readily available malware. It’s unclear what mischief they’re planning, but if hackers are able to make much of the internet unusable, say, once or twice a month, it will totally change how the web works.
How they get in
An attacker gets into your device by using a piece of computer code that searches for any internet-connected devices that have default settings.
This means if you haven't updated your login and password from admin and admin, you are probably being targeted. The malware code scans the internet looking for these devices, which it can then enter and turn into zombies later used to launch an attack on a particular target.
What can we do?
Mashable offers some great advice:
"But how do you stop this happening? With the average person becoming more and more connected to the internet and introducing more and more devices into their network, being security aware is more important than ever.
These attacks are just going to grow in size the more devices become connected. At the moment the average person might have two devices, in four years, they might have 10.
Update, update, update
The easiest way is to make sure you install automatic updates.
"Keep your machines as up to date as possible. Keep your IoT devices as up to date as possible. When they send out updates, don't ignore those," Justin Fier, director for cyber intelligence and analysis at Darktrace, told Mashable.
It's not just the internet that is at stake. This kind of simple security procedure will make sure none of your devices are part of some zombie-machine horde, as well as ensure that whoever controls these devices can't cause problems in your home.
"What if somebody could control the thermostat and crank the heat up all the way? Or turn a coffee maker on when you're not home?" Fier said.
Be kind, reboot
Making sure your connected devices are secure can be as easy as restarting them.
Reboots can wipe malicious code from the memories of connected devices. That's only a temporary fix, however, as the device can still be susceptible to new scans that then reinstall the malicious code.
The proliferation of internet-connected devices combined with the growing acceptance of technology into our personal lives has created a general need for what Fier calls "good cyber hygiene."
Making sure your home devices aren't being hacked is the kind of basic tech device that we need to internalize much like "don't click on links you shouldn't be clicking on," he said.
Fier noted that this is particularly important as people begin buying more devices for their homes that connect to the internet.
'Four years ago, your house only had a router and maybe a computer per person, now you've got on average, for the typical household of four, eight devices connected to the internet,' he said. 'Let's put three TVs on top of that, Amazon fire stick or Apple TV. We are already up to a dozen devices and people aren't watching the activity.'"
Need more help?
At SpyderWeb, we care about your digital security. Whether it be at home or at work. If you would like more information on improving your digital security, we would be happy to help!
You can contact us here!