October is Cybersecurity Awareness Month – learn more from https://www.dhs.gov/
Last Friday you may have noticed something was afoot with the internet. The largest, full scale cyber attack ever launched was underway and the main target was the United States, affecting millions of users across the continent, then spreading beyond to Europe and Australia.
Roughly 10 million IP addresses (devices connected to the internet) were involved. What exactly were these things? How did it happen? Take a look around inside your home and there is a chance you may have one of the suspects used in the attack.
Anything that can connect to the internet can be used in these DDoS (Distributed Denial of Service) attacks. Devices that connect to the internet that have never had their default passwords changed or firmware updated are primary suspects. These include cameras, VOIP phone systems, baby monitors, routers, DVRs, and internet connected appliances such as stoves, refrigerators, washing machines and dryers. These devices are commonly referred to as IoT, or the Internet of Things. Computers and printers that have been compromised by not having the proper security updates installed are also used.
As far as how this happens, the aforementioned IoT devices are taken over and then in masse send large amounts of data to key points on the internet, overwhelming the servers. Last weeks attack was significant in that the attackers did not target just one site, they instead targeted the DNS (Domain Name Server) that connects your computer to websites, effectively knocking offline all of the sites under that DNS’s control.
What can we learn from this? Be prepared for future outages. Even if you ensure everything in your home or business is in tip top security shape, for each one of you there are one hundred others that are not. Plan ahead accordingly on what your backup plan is for these disturbances.