The domain host, known as Dyn, has been affected by a big attack called distributed denial of service, in short DDoS.
This incident had a massive effect on various consumer services such as Netflix and Spotify as well as enterprise-grade providers including Zendesk and Heroku. Experts suspect that this attack affected a lot of people, not just across the United States, but Europe as well.
For instance, widely-popular social media platforms like Facebook and WhatsApp were affected as well by the DDoS.
What is a DDoS attack?
This type of attack consists of an attempt to make some specific features on the network to become unavailable to many users, in this case, websites.
A DDoS is always launched by multiple IP addresses (which are unique) or devices aiming to impact the traffic of one or many targets. What happens is that the target shuts down due to the pressure inflicted by the crowded traffic.
These hackers have first targeted KrebsonSecurity and continued by using many devices to spread the DDoS attack. Although this is not the first attempt, this incident was on a significantly larger scale.
Also, it relied on Internet of Things devices (IoT) instead of servers and computers to deliver the massive blow. More precisely, experts believe that Dyn was attacked by thousands of security cameras.
Why Security Cameras?
Although it might seem surprising why the hackers used this strategy, the reason is quite simple and logical. Many surveillance cameras used in businesses and homes across the world most often use the same firmware which is produced by only a few major companies.
Worse, most of them still function using the default credentials, meaning that they are easy to hack. After this attack, all companies are trying to enhance their security in order to prevent hackers from launching another DDoS attack in the future.
It is worth mentioning that IoT devices do not represent just a powerful weapon used by hackers to attack companies, but they are also a gateway behind the firewall. Although many companies are currently trying to improve their security, the traditional cyber software is difficult to implement in IoT devices.
Also, not all IoT devices are the same, meaning experts can patch only some of them, which consists of a manual process. Officials from all companies will continue the investigation to address this issue and develop a better strategy to increase online security against any attack.
Image Source: Wikipedia