Internet of Things believed to be targeted in massive DDoS attacks
Scores of websites including PayPal, Reddit, Amazon, Spotify and Twitter were unavailable Friday as three separate distributed denial of service (DDoS) attacks disrupted the New Hampshire based server’s operations.
A DDoS attack occurs when a server is overwhelmed with traffic in a targeted attack. In this case, it’s believed that Internet of Things devices, which covers any object with an internet connection, were hit.
Dyn DNS believes tens of millions of these connected devices, including surveillance cameras, webcams and smart thermostats were infected with malware.
"It is a very smart attack. As we start to mitigate they react and start to throw something that's over the top,” Dyn chief strategy officer Kyle York said, as reported by Sky News.
The Department of Homeland Security is reportedly investigating the attack. A shadowy group which calls itself “New World Hackers” has claimed responsibility.
Our advanced service monitoring issue is currently resolved. We are still investigating and mitigating the attacks on our infrastructure.— Dyn (@Dyn) October 21, 2016
Cybersecurity experts have warned that IoT is an easily exploitable area in corporations and can be used effectively in mass cyberattacks.
Surveillance cameras are one example of this as the firmware tends to be similar across the board and contains a vulnerability that can easily be exploited, according to Tech Crunch.
The release of the source codes of botnets online has also made it easier for cyber attackers to launch a DDoS attack. IoT devices also have the disadvantage of not being able to run standard cyber security software.
Internet of Things is mooted to become the largest device market in the world, expected to reach double the size of the smartphone, PC, tablet, connected car and wearable market combined by 2019, according to a BI Intelligence report.