One massive Internet attack which was sustained over the last few weeks and resulted in Internet outages and network congestion has been retraced back to number of hacked of Internet of things devices which included the video cameras, digital video recorders as new data has shown.
An internet infrastructure company going by the name Dyn, one which provides some critical technology services for some of the Internet’s top destinations. Cyber attackers started practicing their attack cannons on the company and it caused some several problems on an array of sites which included Twitter, Amazon, Tumblr, Reddit, Spotify and Netflix.
At the time, it was unclear what was behind the attack on the Internet infrastructure company, but as time went on it became more clearer and one of the security firms said that they had seen the involvement of the Mirai Trojan, one of the malware strains which was involved in a record 620 Gbps attack on the krebsonsecurity website last month.
Researchers at the security firm, Flashpoint, said that the attack on the Internet had been launched by in part a Mirai based botnet. Allison Nixon who is the director of research at Flashpoint said that the bitnet which was used is built on the support of the hacked IoT devices which mainly comprises of the digital video recorders, and the IP cameras which are made by a Chinese company called XiongMai Technologies.
The company makes some components which are used by vendors downstream who then use them in their own products. Nixon said that the issue of having a whole company’s product line turned into botnet was interesting. Nixon also noted that there was talk that the attack there had been multiple botnets involved in the attacks, but what was for sure was that a Mirai botnet was involved.
Zach Wikholm also at Flashpoint told reporters that the biggest issue with most of the IoT devices was that users could not change their passwords, which made them susceptible to attacks. The researchers over at Flashpoint said that they had scanned the Internet on October 6 for any system that showed a sign of having a vulnerable hardware on it.
From their scan they found 515,000 flaws. Nixon added that the IoT devices were truly not safe and the responsible parties needed to take action on the problem as soon as they could. At the moment it is unclear how it will be possible to get a handle on the security problems that are clearly going to be at the forefront in the coming months.