Non-Traditional Attack Takes Down Major DNS Provider

Misinformation can spread like wildfire and do more damage than the actual disastrous event. Take the October 21st cyber attack against Dyn. Some called it a “false flag” event. Others blamed the recent handoff of domain name control to ICANN. My 10+ years as a web developer lead me to believe there was no conspiracy and the ICANN handover had nothing to do with it.

Myth: The recent transfer of domain control gave complete control of the Internet to ICANN

The transfer to ICANN was a mere formality. Domain names are only one part of the system that drives the world of networked computers and devices we know as the Internet. ICANN oversees the companies that provide domain registration services for top-level domains like .com, .net, .org, and the like. Complete control of the Internet requires taking over the domain names, the servers that serve up and route the information, and the telephone lines, satellites, and cables that connect everything together. Since multiple private and public companies manage various parts of this infrastructure, we aren’t in danger of this happening, at least not without some warning signs that would be much more significant than the cyberattack against Dyn.

Dyn provides a very valuable service to the Internet. Each device that connects to the ‘Net uses two sets of addresses to identify itself to the network. The first, called an IP address, is a bunch of digits with decimal points that aren’t aesthetically pleasing to us humans. This number string identifies the device’s location on the network, like a street address does for our houses on a street. The second, an even weirder-looking set of alphanumeric characters called a MAC address, identifies the network interface. The Domain Name System connects the domain names we all love to the servers that host the websites behind them via their IP address.

On the most basic level, DNS servers are like any other server. They process requests and spit out information in return. Each request takes up a minuscule amount of resources. Imagine going to a site and hitting refresh on your browser a million times a second, with multiple people doing this at the same time. At a certain point the number of requests is going to overwhelm the server unless it is hardened and has programs in place to recognize and mitigate an attack. Think about dumbbells and how many reps you can do before your arms get tired.

Fact: The Attack Came From A New Source

Any device taken over by malware can be turned into a bot by hackers. Get enough bots together and you form a botnet. In this case, Internet of Things (IoT) devices such as DVRs, refrigerators, baby monitors, and web cams made up a majority of the attacking devices. The code that coordinated them all was most likely something called Mirai.
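To show what "recognizing" an attack can look like, and why a botnet of many devices is harder to spot than one misbehaving client, here is an added example that is not part of the original post. The query records, the IP addresses (documentation ranges) and both thresholds are constructed assumptions.

```python
from collections import Counter, defaultdict

PER_SOURCE_LIMIT = 20   # assumed max queries/second from one client
TOTAL_LIMIT = 100       # assumed max queries/second the server should see

def make_sample():
    """Constructed (second, source_ip) query records; not real traffic."""
    normal = [f"192.0.2.{i}" for i in range(1, 6)]
    records = []
    for second in (100, 101, 102):
        # Baseline: five ordinary clients, two queries each, every second.
        records += [(second, ip) for ip in normal for _ in range(2)]
    # Second 101: one noisy client sends 50 queries.
    records += [(101, "198.51.100.7")] * 50
    # Second 102: 40 devices send only 3 queries each.
    records += [(102, f"203.0.113.{i}") for i in range(1, 41) for _ in range(3)]
    return records

def analyze(records, per_source_limit=PER_SOURCE_LIMIT, total_limit=TOTAL_LIMIT):
    """Return findings per one-second window, sorted by time."""
    windows = defaultdict(Counter)
    for second, ip in records:
        windows[second][ip] += 1
    findings = []
    for second in sorted(windows):
        counts = windows[second]
        noisy = sorted(ip for ip, n in counts.items() if n > per_source_limit)
        total = sum(counts.values())
        for ip in noisy:
            findings.append((second, "single-source", ip, counts[ip]))
        # Aggregate overload with no individual offender: the botnet pattern.
        if total > total_limit and not noisy:
            findings.append((second, "distributed", len(counts), total))
    return findings

if __name__ == "__main__":
    for finding in analyze(make_sample()):
        print(finding)
```

A per-client limit alone catches the single noisy source but sees nothing wrong in second 102, because every device stays under its individual limit; only the aggregate check flags it.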

Seems like there isn’t much we can do about this, right? Wrong.

Hackers have to get the malware onto the device in the first place. Some equipment will require manufacturers to build in safeguards to prevent this since there is basically nothing a normal user can do. However, using a few common-sense rules, we can limit the vulnerabilities of the devices that we can control:

  1. Change your passwords on every Internet device you own, even if it’s your refrigerator – Don’t keep using the password that comes pre-installed, is easy to remember, or the same one for multiple accounts and devices. Yes, it may mean you have to write stuff down on an actual piece of paper. Hackers count on people being lazy and nonchalant about their passwords.
  2. Avoid fake service calls – If someone calls up and says they have an important update for your computer, smart phone, or IoT device, hang up! Slam the door on people showing up at your door offering to do a repair or upgrade if you aren’t expecting them. Users need to be the ones who initiate the upgrades and repairs from well-known and trusted companies.
  3. Be wary on the app store – Use your instincts here. Check out a developer, the number of apps they have, and their ratings. If something doesn’t seem right, do not press the download button. There were over 400 cases of malware-infected apps on Google’s Play Store as of an October 3rd ZDNet post.
  4. Ask yourself if you really need the app – Apps and programs take up valuable resources on your device. Most will uninstall cleanly. Others leave traces behind. After a while those traces build up.

I’m not asking all users to know everything about their Internet-connected devices unless they absolutely want to, but do learn enough to protect yourself and the rest of us.

lonehorseend

An all-around person with the technical knowledge and analytical mind of a programmer, creative and detailed orientation of a writer, and aesthetic instincts of a photographer. Like what you see? Leave a tip at http://www.paypal.me/lhe
