Hackers were successful in launching a major and sophisticated cyberattack on the internet using very common devices, including webcams and even digital recorders. They were able to cut off access to some of the world’s leading and best-known websites on Friday, October 21st, raising eyebrows across the board and raising even more concern about cybersecurity threats. This feat, if you will, was described by many experts as an alarming breach of worldwide internet stability.
The attacks targeted well-known social media favorites such as Twitter, PayPal, Spotify and others, all having one feature in common: they are customers of Dyn, an infrastructure company based in New Hampshire in the northeastern United States that plays the role of a switchboard governing internet traffic.
The internet-connected devices the attackers took advantage of had already been infected with malicious code, allowing the attackers to inflict extensive damage that began on the U.S. East Coast, spread across the American continent and also found its way to Europe.
The complexity of the cyberattack made it even more difficult for Dyn to cope with. The attack has prompted an investigation by the U.S. Homeland Security Department and the FBI.
The world is currently experiencing unprecedented concerns about increasing cyber threats in the United States and abroad. With the elections looming right around the corner, political organizations and even election agencies have become favorite targets for hackers who are most probably pursuing political aims and fame to boast about to others.
The “Black Friday” of October 21st witnessed outages that varied by geography and were also intermittent. Various internet destinations such as CNN, Mashable, the New York Times, the Wall Street Journal and Yelp, along with a variety of businesses hosted by Amazon.com, were hearing complaints from users that their sites were no longer accessible.
Millions of internet addresses were the source of these attacks, Dyn explained, adding to the complexity of the case and making this probably the largest such attack in history. Security experts described the attack as a significantly potent example of a distributed denial-of-service (DDoS) attack, where hackers coordinate their efforts and flood their targets with an enormous amount of worthless traffic to eventually freeze up the target servers.
Major vulnerabilities unveiled
Connected devices were the source of at least a portion of the malicious traffic. These devices included the likes of digital video recorders and webcams, all of which had been infected by “Mirai,” software under the control of an unknown party. Such devices are often referred to as the “Internet of Things,” and for some time now security gurus have been sounding alarm bells about the lack of adequate security in such devices and the vulnerabilities posed as a result.
The birth of the Mirai code dates back to sometime in mid-September, and cybercriminals are now taking advantage of this malicious software to launch a variety of cyberattacks. Friday’s attack saw numerous networks of compromised machines being used. This suggests that the attackers had acquired some type of access to a large number of what are nowadays called botnets.
The attackers used traffic-routing services provided by Google of Alphabet, Inc. and OpenDNS of Cisco Systems, Inc., making it even harder to root out the malicious traffic without also disrupting legitimate inquiries.
One cannot simply block the IP addresses being observed, as such a move would block Google or OpenDNS in their entirety. DDoS attacks are at times described as nasty cybercrimes and some of the hardest to defend a system against.
Were there previous warnings?
Connected device manufacturers have to go to much greater lengths to ensure that such gadgets are regularly updated following the discovery of such flimsy security mistakes. Big corporations should also employ a number of vendors for fundamental services such as routing internet traffic. Customers with backup domain name service providers stay reachable, according to experts.
A week prior to the attack, the Homeland Security Department had issued a warning regarding such an attack possibly targeting Internet of Things devices. This warning came after the release of the Mirai code.
Attacks targeting major domain service providers have the potential to cause huge and costly disruptions because such firms are in charge of forwarding internet traffic in large volumes.
In this case, Dyn announced that it had resolved an initial attack on Friday morning that lasted two hours and disrupted various operations. However, a second attack once again compromised the company’s services only a few hours later. Come Friday evening, the service provider was tackling yet a third wave of attacks.
Amazon, one of the world’s largest cloud computing companies, and its web services branch reported that the issue had temporarily disrupted users’ access across the Atlantic in Western Europe. Late Friday evening, users in London experienced major difficulties in accessing Twitter and other news websites.
Various customers in specific regions experienced outages, leaving them unable to make payments, PayPal Holdings, Inc. reported. The company expressed its apologies for the inconvenience caused, adding that its networks were not targeted in these attacks.
An increase in DDoS attack testing was witnessed, aimed at major internet infrastructure providers that remained unnamed at the time. A country may even have been behind this recent attack, and the nature of the raid seemed to be that of a capability test. For now there may be no obvious reason for a state government to be behind the Friday assault. Making things even more difficult is the reality that DDoS attacks launched on a for-hire basis are known to be very difficult to attribute to any particular party.