The DYN Attacks – A New Wave of Cybercrimes?
A new wave of cybercrimes entered the scene a few weeks ago and shook the Internet. Last month, the domain name service provider Dyn fell victim to a Distributed Denial-of-Service (DDoS) crime – an attack which occurs when multiple compromised systems, often infected with a Trojan are used to target a single system causing a Denial of Service (DoS) attack. DoS attacks are not new, but the attack against Dyn caught the attention of many due to the scale of the impact.
The attack brought to light the impact of Internet of Everything (IoE). Today, with so many devices connected to the Internet, including DVRs and webcams, the scale of the attack was felt deeper than previous attacks, allowing it to command a vastly larger and more distributed range of IP addresses. The Dyn attack was largely driven by Mirai malware, which resulted in intermittent disruptions for Internet users attempting to access many major sites, including Amazon, GitHub, Reddit, SoundCloud, Spotify, Tumblr and Twitter.
According to Josh Finke, senior director of sales engineering teams and technology practices at Iron Bow, the DDoS attack at Dyn may be the first of many to occur in the future. Because of the availability of the malware source code online, and the number of susceptible Internet of Things (IoT) devices, this type of attack is more attractive to hackers than others. “There’s a pretty significant chance that this type of attack will happen again,” Finke said. “While ISP’s and other companies are scanning their systems for any trace of Mirai malware,” Finke says “That doesn’t decrease the chance that this will happen again.”
Mirai malware turns computer systems running Linux into remotely controlled “bots,” that can be used as part of a botnet in large-scale network attacks. The source code for Mirai was recent published in hacker forums and since then, the technique has been adapted to other malware projects. It works by identifying vulnerable IoT devices using a table of common factory default usernames and passwords and logs into them to infect them with the Mirai malware.
There were three attacks to Dyn on October 21, and while the US Department of Homeland Security is investigating the attacks, no group of hackers claimed responsibility as of yet. Dyn’s chief strategist said in an interview that the assaults on the company’s servers were very complex and unlike everyday DDoS attacks. Barbara Simons, a member of the advisory board of the United States Election Assistance Commission, said such attacks could affect electronic voting for overseas military or civilians.
So is this the beginning of a new era of malware attacks? We will have to see; but in the meantime Finke warns “Everybody needs to step back and think about the impact of connecting so many random devices to the Internet.” There is no doubt that during this day and age, large scale attacks such as these can be catastrophic.