A giant botnet made up of zombie internet-connected devices (or IoT devices) was used to strike a massive Distributed Denial-of-Service attack (DDoS) against Brian Krebs’ website, the site of a well-known cybersecurity blogger, last month.
Some have estimated the botnet’s size may have been a million strong.
Worse, as Krebs reported on the 1 Oct:
“The source code that powers the “Internet of Things” (IoT) botnet responsible for launching the historically large distributed denial-of-service (DDoS) attack against KrebsOnSecurity last month has been publicly released, virtually guaranteeing that the Internet will soon be flooded with attacks from many new botnets powered by insecure routers, IP cameras, digital video recorders and other easily hackable devices.”
This botnet attack showed how poorly secured internet-enabled devices can wreak havoc for websites and providers alike.
It also serves as a reminder to think more broadly about passwords. It has moved way beyond desktops, laptops, tablets and smartphones. In other words, we all would be wise to pull up our bootstraps when it comes to internet devices.
What makes this DDoS so unusual is that it was made up of a myriad of internet-connected devices. We’re talking about devices like cameras, thermostats, lighting, baby and health monitors, home security systems – things one wouldn’t normally associate with at risk of being hacked.
The giant botnet, known as Mirai, was designed to scan internet for internet-connected devices, hammer the security with simple or popular passwords like “guest”, “support”, “user” “service” “admin” and “12345.” It seems they even tried having no password.
See the full list on CSO online.
Once a device is compromised, it can be turned into zombie device, where it is redirected to report an unauthorised central controller. This controller can then direct it and other compromised devices into working together to knock a website offline by flooding it with requests.
As previously mentioned, the Mirai DDOS attack was huge.
While “The attack did not succeed thanks to the hard work of the engineers at Akamai, the company that protects my [Kreb’s] site from such digital sieges. But according to Akamai, it was nearly double the size of the largest attack they’d seen previously, and was among the biggest assaults the Internet has ever witnessed,” wrote Krebs.
TBG Security is a leading provider of information security and risk management solutions for Fortune 100 and Fortune 500 companies. TBG designs and delivers cyber security solutions to work in harmony with existing operations. Companies depend on TBG services in areas including risk management, penetration testing, security policy development, security strategies for compliance, business continuity, network security, managed services, software and service integration and incident response.