Last Friday (Oct. 21, 2016), Twitter went down. Amazon went down. Spotify went down. CNN went down. And for pete’s sake, STARBUCKS went down! It seemed like the online world was coming to an end as a massive cyberattack brought down the infrastructure of a company that maps domain name requests to the right sites. As a result, hundreds of sites were affected, including the email servers at Your Nerdy Best Friend.
I’ve been plowing through technical articles about what happened to put together this punch list of things you need to know about this hack and what may come after.
- The attack overwhelmed the systems
This type of attack is called distributed denial-of-service, or DDoS in nerd terms. My little site gets a few hundred visits a week. A DDoS attack on yournerdybestfriend.com might bring 10,000 hits in a matter of seconds. My little site would quickly blow up and fall apart. (Note to hackers — THIS IS NOT A CHALLENGE! I respect your evil powers. Please leave me alone.)
DDoS attacks are quite common, but they’ve rarely (never?) been this big. And this attack was a little different because they went after a company that provides services for many sites, rather than just one source.
- The attack used hacked cameras and DVRs
You should be afraid of this next part. The bad guys were able to hit the company’s systems so quickly because they had amassed an incredibly large army of hacked devices, which nerds call a “botnet”. Ever since the Internet of Things has spawned millions of web-connected devices, security experts have been warning of lax security and the potential for widespread hacking. Surprise! That’s what happened.
In this case, the hacked devices appear to be security cameras and DVRs, many of them connected to a Chinese device manufacturer. The bad guys were able to access the default passwords in the devices to add them to the botnet army. The manufacturer is recalling the devices, but the damage is done.
- It’s going to happen again
One of the reasons that so many devices could be so corrupted so quickly this time was because the code for malware called Mirai was recently shared on hacker sites. Mirai scanned connected devices for common username/password combos to find the poorly secured devices. The botnets will be used again, and hackers will figure out how to add more.
- Your devices may already be affected — and you’d never know
Although this hack focused on company security cameras and DVRs, anything connected to wifi and the internet is vulnerable. Anything. Your printer, your baby monitor, your security system, your router… and, of course, your thermostat, your new washer and dryer, crock pot, tea kettle…. Anything. All of these connected devices are computers, even if all they do is dim your lights from your iPhone. They can all give hackers access to your network and turn your device into a soldier in the botnet army.
This report from a security company shows that even your fridge can be hacked within three minutes and the results can take weeks to clean up — if you ever discover it.
- Wait — it gets worse
So now that we know that this is a problem — a HUGE problem — what can we do to protect ourselves?
The very best protection is to always, always, always change the default password to devices you connect to the web. BUT… many of the IoT devices have hardcoded passwords that you can’t even get to. So if a hacker has the password list and wants to use your machine, you’re hosed.
Consumer Reports says you should focus on your home router since that’s one of the most vulnerable areas. Another site shares more tips. But seriously, the true solution to this problem lies in the hands of the device manufacturers.