Some of you may be confused about what exactly happened this week when you heard that the internet was under attack, and maybe you noticed you couldn’t access certain sites like Reddit, Twitter, Spotify, Paypal, or Amazon. Let’s clear things up.
The problems were caused by a technique called a distributed denial of service, or DDoS, attack. Basically, this attack uses many machines to flood a web server with requests so quickly that it can’t keep up and slows to a crawl, thus preventing other legitimate users from accessing the site. It’s like if you owned a small pizza shop, and some angry people got together to flood your phone lines with bogus calls in order to prevent your real customers from placing orders.
DDoS attacks happen thousands of times everyday, but don’t usually make the news. In fact, you can check out Google’s digital attack map (http://www.digitalattackmap.com/) and see attacks happening and being tracked at this very moment.
Friday’s attack was special for two main reasons:
- DDoS attacks are typically done to individual web sites. Maybe some angry or mischievous people get together to try and take down a gaming service or some other popular site. This attack actually happened to what’s known as a Domain Name Server, or DNS, provider. DNS providers make it possible for us to type in www.google.com instead of having to remember Google’s actual internet address, which could look something like https://18.104.22.168. We type google.com, the DNS translates that into the actual ip address that the site can be found at, and direct’s our web browser to that location on the internet. This way, we just have to remember names instead of complex numbers. DNS is essentially the internet’s phonebook.When you DDoS a DNS server, your web browser can’t access the info it needs to convert the domain name into the correct ip address, and so doesn’t know where it’s supposed to go to show you the page or site you’re after. And since DNS servers are translating for thousands of sites, the attack can have a wide impact.
- The number of devices used in the attack was massive. DDoS attacks are made easier with more machines available to send the flood of web requests. It’s not unusual for malware on unsuspecting user’s computers to aid in attacks. Through the use of malware, attackers can utilize the resources of hundreds or thousands of machines to launch attacks. In this case it’s believed this attack was largely the work of a malware called Mirai.What makes Mirai scary is that it primarily targets Internet of Things, or IoT, devices. IoT is a wide ranging term that means any device connected to the internet. If you look around a modern home, there are many things connecting to the internet: the wireless router, game consoles, smart televisions, phones, tablets, computers, DVRs, smart thermostats, smart lightbulbs, smart front door locks, baby monitors, home security systems, smart speakers (like Amazon’s Alexa or Google’s Home), etc. The list goes on and continues to grow as we continue to trade a reliance on the internet for convenience in our homes and lives.
But each of these new types of internet connected devices is also a vulnerable attack vector to exploit. With computers, we receive security patches and use antivirus software to keep us protected. Most smart devices will never see any type of security update. And this is precisely why these types of attacks are so scary. It’s going to be increasingly difficult to figure out not only where the attacks are coming from, but also how to prevent them in the future. Hackers can use our own devices for their attacks, and we may never even realize it’s happening.
So how can you help prevent these problems? Simply, by being aware. Making sure your home routers are secure, using strong encryption, and that they aren’t using the default passwords that came from the factory.
If you use smart devices in your home, make sure they are always running the latest updates if possible. Most device updates don’t contain major or noticeable features, but simply fix bugs. These bugs are important to be rid of as bugs are frequently used to either install malware on devices, or force the devices to perform actions they were not intended to.
If we all put a little more thought into the security of the devices we use everyday, we can all help to make this kind of attack more difficult to pull off. And that’s better for everyone.