IoT Devices Used for Cyber Attack on Twitter, Paypal

IoT Devices Used for Cyber Attack on Twitter, Paypal

This post is also available in: heעברית (Hebrew)

A major cyber-attack that used hacked smart devices such as web cameras managed to shut down high-profile websites including Twitter, Spotify and PayPal, as well as Mashable, the New York Times, Amazon among others.

The October 21st attack has stirred the debate about cyber security of the Internet of Things (IOT) and smart home technology.

Hackers unleashed a complex attack on the internet through common devices like webcams and digital recorders and cut access to some of the world’s best known websites in what was defined as a stunning breach of global internet stability.

The attacks struck websites that are customers of an infrastructure company in New Hampshire called Dyn, which acts as a switchboard for internet traffic.

The attackers used hundreds of thousands of internet-connected devices that had previously been infected with a malicious code that allowed them to cause outages that began in the Eastern United States and then spread to other parts of the country and Europe, according to international sources.

The disruptions come at a time of unprecedented fears about the cyber threat in the United States, where hackers have breached political organizations and election agencies.

Dyn said attacks were coming from millions of internet addresses. Security experts said it was an especially potent type of distributed denial-of-service attack, or DDoS, in which attackers flood the targets with so much junk traffic that they freeze up.

Dyn said that at least some of the malicious traffic was coming from connected devices, including webcams and digital video recorders, that had been infected with control software named Mirai. Security researchers have previously raised concerns that such connected devices, sometimes referred to as the Internet of Things, lack proper security.

The Mirai code was dumped on the internet about a month ago, and criminal groups are now charging to employ it in cyber attacks, said Allison Nixon, director of security research at Flashpoint, which was helping Dyn analyze the attack.

The Department of Homeland Security issued a warning about attacks from the Internet of Things, following the release of the code for Mirai.

Frequently, hackers can gain access to devices via unprotected home routers. According to E&T website the attack exploited vulnerabilities in devices made by Chinese firm Hangzhou Xiongmai Technology. The firm issued a recall of products sold in the USA, but said the issue was mostly due to users not changing default passwords.

The advantages alongside the challenges of the IoT realm will be the focus of a professional conference organized by iHLS. The conference, which will be held in Rishon LeZion on November 23rd, 2016, will bring together companies in the technological and defense industries, integrators, research and development organisations, and leading academic institutions to discuss various aspects of IoT and showcase innovative solutions.

For more details on the IoT conference 

Register