Webcams, toasters and refrigerators were attacking the Internet… cue the movie The Matrix!
Yes… toasters, refrigerators and webcams, among other things, were attacking the internet!
You probably noticed that at various points during the day a few weeks ago, you couldn’t get on the internet. Actually, you were on the internet, but a lot of the websites you’re used to visiting would not load.
Spotify, Twitter, Netflix and a host of other popular sites were unreachable.
The reason you couldn’t access some of your favorite pages was because a company that you’ve probably never heard of, called Dyn, came under a massive DDOS attack.
DDOS stands for “Distributed Denial of Service,” and basically, it means a whole lot of internet-capable devices flooded a company’s servers with tons of requests. Sooner or later, no matter how robust a company’s infrastructure is, it’s will to succumb to that kind of sustained, incessant attack, and when it does, servers will go offline.
In this particular case, Dyn handles DNS functions for a number of high-profile companies on the web. Basically, Dyn runs the network that allows your web browser to find CNN.com, Hulu, or whatever other web address you type in.
But, notice the phrase “internet-capable devices” in the paragraph above.
Most of the devices that took part in this DDOS attack weren’t PCs or smartphones. Instead, they were toasters, refrigerators, dishwashers, smart door locks and other assorted equipment.
Recent technological advances have made it possible for us to connect a growing array of devices to the internet, creating the “Internet of Things”.
However, there’s a problem with that. Most of the companies that make “smart” devices don’t bother with even the most basic of security measures, and the cheaper the device…. the worse the security.
The companies that do add security features to the ‘net-connected devices they sell tend to use free or cheap options that are easily cracked, and even then, they seldom bother with security updates.
This has created a situation where we have tens, if not hundreds of millions of unsecured devices on the internet that can easily be slaved by hackers to create vast ’botnet armies, which can then be used to execute attacks against the targets of their choosing.
The owners of such botnets can bring down big portions of the internet at will, as they recently demonstrated.
Our appetite for smart devices continues to grow, but we, along with the equipment manufacturers, continue to be largely indifferent about security features.
Which means that we can expect to see more attacks like this one in the months and years ahead, until we all get a lot more serious about digital security.