The Darker Side of the Internet of Things

On Friday, Dyn, a company that routes and manages internet traffic, suffered multiple Distributed Denial of Service (DDoS) attacks throughout the day.  Major sites such as Twitter, Netflix, airbnb and the New York Times were unavailable throughout the day due to these attacks.  The general counsel for Dyn, Dave Allen, confirmed on Friday that a malware called Mirai executed the attacks via devices on the so-called Internet of Things, turning them into a launch pad for the attacks.

With 500,000 devices already infected around the globe, Mirai allows devices like fridges, home security systems, and cars to be used for large scale DDoS attacks –  flooding servers with artificial traffic until they crash. Mirai spreads by scanning for devices with basic or default username and password combinations and then uses brute force to enter the system. With the malicious code of Mirai now available in full online, it is likely hackers will modify it to their needs. And, by commandeering everyday devices, hackers are able to amplify these disruptive attacks and conceal the source behind layers of misdirection, making attribution difficult.