DDoS attack takes down internet
Oct 24, 2016
Over the weekend a massive distribution of denial service (DDoS) attack occurred by the Mirai botnet and focused on taking down Dyn DNS, which ultimately disabled many large companies in the US (and around the word) such as Twitter, Spotify, GitHub, Amazon & Reddit among other services.
Mirai uses Internet of Things (IoT) devices (Devices that aren’t traditional computers, which are connected to the internet such as DVRs, IP Lights, smart home devices, smart watches, sensors, etc) which it has infected, to perform large tasks, in this case overwhelming Domain Name Services for websites.
IoT devices are inherently harder to protect as they don’t have the computing resources (by design) to protected themselves like standard computers do. Some simple ways to secure your IoT devices include;
- Create a separate wireless network (and isolate them) from your main computers. Most Wifi routers have the inbuilt capability of using “Guest Networks”.
- Reset the password on the device to something secure – and make sure it’s a different one for each device.
- Turn off Universal Plug & Play, as it is an easy way for hackers to attack Printers, Routers, Cameras and even TV’s.
- Update to the latest firmware, manufacturers continue to do updates well after you have purchased your device – and they don’t just come with security patches – sometimes you will get new features as well.
- Keep a track of what is connected to your network and make sure it’s necessary.
- Keep personal devices out of the workplace – or limit them to the guest network, and have a clear BYOD (Bring your own device) policy.
Overall it’s another good example of how important domain names, and DNS is to your business (which we spoke about earlier this month).
Director at Tropical Business Solutions