Eagle Eye Networks

DDOS Cyber Attacks Update

September 29, 2016 Eagle Eye Networks


Last week, hackers forced Brian Krebs to take down his security journalism site with a large-scale denial-of-service attack, likely one of the largest ever seen.

Krebs has a long history of exposing DDOS cyber criminals on his website, KrebsOnSecurity.com. This was one of the biggest attacks in the history of the Internet.

Estimates go as high as 1.5 million devices being used to carry out this attack. The attack had a tremendous amount of power behind it.

According to Level 3, the largest part of the botnet used for the attack was made up mostly of internet-connected cameras and DVRs made by DAHUA Technology, a Chinese manufacturer with a subsidiary in California. The hackers found a vulnerability, affecting most of DAHUA's cameras, that allows anyone to take control of a device by entering an extra-long, overflowing password. The botnet also includes other devices like home routers and Linux computers.

Malware was then installed on the devices to make them part of the attack botnet. Similar botnets have been used for both DDOS attacks and ransomware attacks.

The hackers used a malware dubbed “MIRAI”. MIRAI source code was initially released in 2015 and is widely available. It is written in C and designed to be very portable to different platforms.

Expect to see more attacks, problems, and issues of this ilk in the future. This botnet is really large and will likely play a role in the future. If you have a camera or a DVR that has been connected to the internet, you should either dispose of it or make sure it is not infected. It is not enough to put it behind a firewall once it's infected.

Further Reading:
https://www.wired.com/2016/10/internet-outage-ddos-dns-dyn/
https://blog.level3.com/security/attack-of-things
