If you’re a customer of Twitter, Shopify, AirBnB, or Soundcloud, then you were probably a bit annoyed over the last couple of days. What do these four companies have in common? They are all customers of Dyn, who recently had a major DNS outage this past Friday, October 21.
A very large DDOS attack took Dyn’s network down and it seems that it was partially due to compromised IOT devices. About 500,000 devices were reported to have have been infected with the Mirai malware, according to Level3 Communications. Chief Security Officer, Dale Drew, said only about 10% of those devices participated in Friday’s DDOS attack. However, this was not the only botnet that was part of the attack.
The Mirai malware is an extremely serious issue. Last month, it was responsible for the largest DDOS attack the internet has ever seen. It was against Brian Kreb’s security site and reached 665Gbps. Apparently the devices used in Friday’s attack were different than the attack on Kreb’s website. What makes Mirai malware unique, is that it doesn’t infect PC’s, but it targets internet connected devices like cameras and DVR’s. These devices have weak default passwords and make them easy to compromise. On top of this, the person responsible for building Mirai has released the source code to the hacker community.
According to Dyn, many of their engineers were fighting the attacks all through the night on Friday. They also reportedly said that the attacks were coming from tens of millions of IP’s at the same time.
Leave a Reply