Internet of Things comes back to bite us as hackers spread botnet code

Share This Story!

Let friends in your social network know what you are reading about

Internet of Things comes back to bite us as hackers spread botnet code

Hackers are launching DDos attacks using coordinated attacks from Internet-connected devices.

Loading…Post to Facebook
{# #}
CancelSend

Sent!

A link has been sent to your friend's email address.

Posted!

A link has been posted to your Facebook feed.

Join the Nation's Conversation

To find out more about Facebook commenting please read the Conversation Guidelines and FAQs

Internet of Things comes back to bite us as hackers spread botnet code

Elizabeth Weise , USATODAY 6:47 p.m. EDT October 3, 2016
Skip Ad
Ad Loading...
x

Embed

x

Share

We're all guilty of bringing too many gadgets along when we travel. But using local Wi-Fi and public outlets can put you at risk for cyber threats. Here's how to keep your personal information private while traveling. USA TODAY

636111168667273719-V1X103-747E-9.JPG

Ethernet cables and routers connect a multitude of computers during the CyberWatch Mid-Atlantic Collegiate Cyber Defense Competition at the Johns Hopkins University Applied Physics Lab in Laurel, MD Friday, March 16, 2012.(Photo: Joe Brier for USA TODAY)

SAN FRANCISCO – Consumers around the world could see their home Internet speeds slow in the coming weeks due to a recent release of software that allows hackers to use Internet-connected devices to attack websites.

The source code for Mirai, a tool that creates what are known as botnets, has been released on the so-called dark web, sites that require specific software or authorization to access and that operate as a sort of online underground for hackers. The release was announced Friday on Hackforums, a hacker discussion board. Two security experts contact by USA TODAY looked at the source code and confirmed it was this botnet tool.

Mirai is an easy-to-use program that allows even unskilled hackers to take over online devices and use them to launch distributed denial of service, or DDoS attacks. The software spreads via the Internet, taking over DVRs, cable set-top boxes, routers and even Internet-connected cameras used by stores and businesses for surveillance.

Once a device is hijacked, so much of its bandwidth goes towards doing the botnet's work that it can run slowly or suffer intermittent failures, and it's very difficult for the consumer to know the cause.

The code is “a gift to cyber criminals,” said Thomas Pore, director of IT and services for Plixer International, a Kennebunke, Maine-based malware incidence response company.

Mirai was used to knock computer security writer Brian Krebs offline on September 13.

Expect more and more such attacks in the future, says Roland Dobbins, a DDoS expert with Arbor Networks. “We’re seeing more attackers becoming aware that embedded devices are an easy way to launch these attacks,” he said.

DDos attacks from the Internet of Things

DDos attacks have existed since at least 1999. They involve using a network of computers to bombard a website with millions of messages, so many that the system cannot cope and shuts down.

Computer security writer Brian Krebs, attending a security

Computer security writer Brian Krebs, attending a security conference in Belgum in 2014 (Photo: Courtesy, Brian Krebs)

At one point Krebs' site Krebsonsecury.com was receiving 665 Gigabits of traffic per second, one of the largest such attacks recorded, he wrote on his blog. It's something like streaming 65 3-D movies per second, and the torrent of data was so large it made it impossible to access the site.

Krebs believes the attack was in retaliation for his recent articles on two recently-arrested attackers.

In the past, such DDoS attacks were accomplished by hijacking computers with malicious software and turning them into a robot network, or botnet, that sent the messages.

Mirai and other software available online now focus on compromising devices that are connected to the Internet but that most consumers don’t think of as computers, the so-called Internet of Things.

In the Krebs’ attack, the network was launched from thousands of Internet-connected surveillance cameras of the type used in stores and businesses as well as digital video recorders and other Internet-connected devices.

DDoS attacks are launched for several reasons. The most common are ideologically-motivated ones, where the attackers want to knock a website offline to silence its message. They’re also used by hackers trying to distract companies from other hacking efforts within their networks. Finally, they can be used as extortion tools, with criminals crippling a site and then demanding payment to stop the attack or not re-engage, said Dobbins.

Not much users can do

“If you’re running an IP surveillance camera or a DVR system and you’re using it with factory default credentials, there’s a better than decent chance it’s already compromised,” said Krebs.

Even deleting the malware won’t do much because the botnets are constantly searching the Internet for new devices to hijack.

“Once you plug it back in there’s probably five or ten minutes before it gets infected against because there’s such much scanning going,” he said.

Many such devices have no built-in security at all. For devices that come with a password, the first thing consumers should do is reset the default password to a new one. However, that's often easier said than done.

“In many cases when people buy these devices there may not be any updates, and even if there are it can be daunting for ordinary human beings to apply," said Arbor Networks' Dobbins.

Consumers have few ways to combat this because companies tend not to invest in security unless they have to, said Avivah Litan, a computer security analyst with Gartner.

The one thing consumers can do is "vote with their pocketbooks" by staying away from brands named in big attacks.

“Maybe that will raise awareness,” she said.

Elizabeth Weise covers technology and cybersecurity for USA TODAY. Follow her at @eweise.

CONNECTTWEETLINKEDINCOMMENTEMAILMORE
Read or Share this story: http://usat.ly/2dDwkE8

SHARE THIS
Previous Post
Next Post