Internet Outage Shows How Sophisticated Attacks Can Target Your Home

Last week's internet outages began in the Eastern United States and spread to other parts of the country, South America and Europe. NBC News
Last week's internet outages began in the Eastern United States and spread to other parts of the country, South America and Europe. NBC News

(NBC News) Cyber crime has moved closer to home than ever. The cyber attack that slowed many popular websites to a crawl last week is attracting new scrutiny to the security of the so-called “Internet of Things.”

The attack last week used a new type of malware that takes control of tens of millions of personal devices connected to the internet — including home routers, baby monitors and cameras — without their owners’ knowledge.

It was aimed squarely at Dyn, a New Hampshire tech company that monitors and routes traffic for major internet companies, including Airbnb, Etsy, Spotify and Twitter and popular news sites like The New York Times, The Financial Times and CNBC.com.

Related: Who Shut Down the Internet Friday?

The co-opted smart devices then worked in concert to overwhelm Dyn’s systems with junk traffic, crippling access to their clients’ sites for several hours.

The FBI and the Department of Homeland Security are investigating the attack.

Cyber crime has moved closer to home than ever. The cyber attack that slowed many popular websites to a crawl last week is attracting new scrutiny to the security of the so-called “Internet of Things.”

The attack last week used a new type of malware that takes control of tens of millions of personal devices connected to the internet — including home routers, baby monitors and cameras — without their owners’ knowledge.

It was aimed squarely at Dyn, a New Hampshire tech company that monitors and routes traffic for major internet companies, including Airbnb, Etsy, Spotify and Twitter and popular news sites like The New York Times, The Financial Times and CNBC.com.

The co-opted smart devices then worked in concert to overwhelm Dyn’s systems with junk traffic, crippling access to their clients’ sites for several hours.

The FBI and the Department of Homeland Security are investigating the attack.

In an interview Sunday at Dyn headquarters, Chief Strategy Officer Kyle York called the attack “absolutely unprecedented.”

“What we discovered [was that] it was a part of an botnet attack called the Mirai botnet, which basically goes into folks’ homes and takes over Internet of Things devices and literally turns them into attack vectors,” York said.

CNBC: How an Army of Vulnerable Gadgets Took Down the Web

A senior U.S. intelligence official and other cyber experts told NBC News that the attack was likely not to have been state-sponsored.

Hangzhou Xiongmai Technology, a Chinese component manufacture whose technology is used in digital video recorders and cameras, said in an email to tech industry publicationsSunday that the attack appeared to have exploited security vulnerabilities involving weak default passwords in its products.

That doesn’t ease the minds of millions of people who connect to the Internet of Things (often abbreviated as IoT) on a daily basis.

Kari Giordano’s family uses smart devices for cameras, lights, music and thermostats and the garage door.

“It’s like a contradiction, because you’re doing something to keep yourself safe and you’re opening yourself up to who knows what,” Giordano said. “It’s disconcerting. It’s frightening, especially with kids.”

Related: Dyn Says Cyber Attack ‘Resolved’ After Services Shut Down

Cyber attacks on smart-home devices are expected to grow exponentially in the coming years. According to Gartner, a technology research company, an estimated 6.4 billion connected devices were in use last year. By 2020, that number is expected to more than triple to 20.8 billion devices.

York encouraged consumers to think carefully about what and when they connect devices to a cloud or even to the internet in general.

“Think of a domain name or website as the same as a storefront of a brick-and-mortar store, and think about all the things that go into that store,” he said.

“It’s the electricity, it’s the plumbing, it’s the flooring, it’s the heating, it’s the sale systems, it’s the filing cabinets,” York said. “If you think about it in a real physical way, behind every website on the internet, it’s the same thing.”

To protect your privacy and security, experts recommend:

  • Learning how your connected devices work and determine whether they’re internet-enabled.
  • Follow security instructions to change default passwords on all devices (including those that may not have obvious passwords).
  • Update hardware with the latest software and consider using an internet hub at home for any smart-home hardware

 

MEDIA GENERAL may allow you to upload, post, transmit or otherwise provide content to MEDIA GENERAL Web sites, including, but not limited to, photos, video, audio, comments, articles, blogs, forums and any other such communication in which you provide content to the Web site ("User Content"). You agree that you are solely responsible for your communications and any content you provide. Read full terms and conditions of use by clicking here.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s