department menu

Massive Internet Outage

Mirai Botnet Attack Explained

On October 21st, Internet of Things (IoT) devices were compromised, and used as a botnet army to take down the DNS service provider Dyn. Internet of Things is a term used to refer to networked, typically in-home devices, such as cameras, coffee makers, smart tv's and thermometers. In this particular case, it seems the devices that were compromised were very old CCV cameras that reside in businesses and are attached to equally old recorders. When several devices are compromised, they can be used to send many packets of data to the same target at the same time. This is called a DDOS attack, and the group of devices are called a botnet. The data will overwhelm the servers, causing them to crash. Dyn is a DNS service provider, which allows a website to resolve when you type a url into your web-browser. By taking this service down, they made many websites inaccessible.

Some of the websites that failed included twitter, slack, github, paypal, etsy, spotify, soundclound, reddit, crunchbase, netflix, cnn, bbc and others.

How Does This Affect You?

If you are a frequent user of any of the listed sites, you may have noticed they were unreachable.

How Can You Protect Yourself

Remember to make sure your IoT devices are patched and up to date whenever possible.

Further Reading:

https://krebsonsecurity.com/2016/10/hacked-cameras-dvrs-powered-todays-massive-internet-outage/

http://arstechnica.com/information-technology/2016/10/inside-the-machine-uprising-how-cameras-dvrs-took-down-parts-of-the-internet/

https://www.wired.com/2016/10/internet-outage-webcam-dvr-botnet/