Computers Politics and Technology Nations

Last Friday I Couldn’t Tweet – Defending the Internet is Key to Our Future

October 27, 2016

56

ddos-attack — Image Credit: shutterstock.com

October 27, 2016 – The Internet is technology’s great emancipator making knowledge ubiquitous. It along with mobile devices has forever changed the nature of communications. We are no longer living in a world where words and pictures are constrained by the physical confines of a page. Instead we have become addicted to a hyper-connected state of reality. No event happening on the other side of our planet escapes our notice. We find out about it within seconds of it happening.

Last Friday as I was writing a blog I suddenly realized just how dependent I had become on networked knowledge and the level of frustration and alarm that I felt when suddenly the sources of that information were being denied to me. At first I thought the reason I couldn’t connect was related to a browser error. So I saved my work, shut my browser down, tried a different one and started working again. But as I tried to connect with familiar sites the same messages came up telling me they were inaccessible.

That’s when I went to Google news sources and found out that I was witnessing a massive attack underway on a key piece of the Internet providing services to hundreds of websites. One of those sites was Twitter, another PayPal, another Amazon.

The type of attack is called a Distributed Denial of Service or DDoS. It consists of the simultaneous issue of millions of visit requests to targeted websites causing the hosting servers to become overwhelmed by the traffic and crash. Normally a DDoS attack originates from a user with malicious intent to break a company or service online. The user harnesses hundreds or even thousands of computers by infecting them with malicious code which is time triggered. But on Friday the attack didn’t come from computers. Instead it was non-computer devices connected to the Internet, what we collectively call the Internet of Things (IoT).

What are these Internet-connected things?

They are smartphones, smart TVs, security cameras, digital video recorders, smart thermostats, fridges and coffee makers. They are sensors in factories. They are controllers that turn the lights on and off in your home and increasingly assist you in your daily life by automating things domestic.

So how could such innocent and innocuous devices cause a DDoS?

Because these devices when built are designed to connect to the Internet. They come with default security, default passwords and user names. They come with instructions to users that tell them to personalize the information. Often users get notified of a software patch they need to upload to their device. But how many users update the software that resides in an Internet-connected fridge or coffee maker?

This Internet of Things is a Trojan Horse that can be exploited by hackers.

That’s what happened on Friday. Many millions of IoT devices targeted a specific Internet hub provider, Dyn, taking down its servers.

The malicious software code or malware that infected the devices used in the attack has been identifie as Mirai. The source code for Mirai can be found by anyone on the Internet. What Mirai does is seek IoT devices with factory-default user names and passwords and gets passed this base security. It then repurposes the devices to create Internet traffic aimed at targets.

A single product, a security surveillance camera, produced by a Chinese electronics company, XiongMai, found in many other security product offerings, is the suspect source of the Mirai infection. The webcam you use on your desktop computer, or the one in your laptop could just as easily have been penetrated by the malware used in this attack. So in effect you or I could be unwilling agents to the DDoS that felled Dyn’s services last Friday. And you will never know unless you registered the warranty for the device and receive regular notices of software patches or security updates.

Throughout Friday the DDoS attack spread across the United States and Canada and we were treated to maps (see image below) that showed the extent of its reach.

The attack was not the first and will not be the last. Companies and institutions that are the backbone of the Internet report increasing attacks. They are getting bigger and lasting longer. The attacks appear at times to be probing efforts to discover weaknesses in the security of sites they target. The longer an attack lasts the more a site reveals its defenses making it more vulnerable to future penetration.

So who wants to break the Internet? Are these state actors, individuals, or competitors to companies they target?

Are the attackers the same group stealing communications, emails and other forms of information from government, NGOs and company servers?

And what can be done about the rapid growth of IoT?

How do you stop consumers from loading up on devices like smartwatches, fitness trackers and a seemingly endless number of wi-fi gadgets that connect to the Internet?

What do you when the gadgets and control systems in cars, trucks and airplanes are all connected to the Internet?

The IoT is growing at a rapid rate with billions of devices already in place. In a recent BI Intelligence report it stated the following:

The number of IoT devices in 2015 equaled 10 billion
The number of IoT devices by 2020 will equal 34 billion with 10 billion incorporated into traditional computing technology
Companies will be the biggest users of IoT incorporating devices into manufacturing production, warehousing and logistics
The second largest adopter of IoT will be government

Knowing what happened last Friday and that IoT adoption is exploding across the planet should be a wake up call to governments, industry and consumers about the importance of implementing best security practices.

Defending the Internet is a global priority.