You may have noticed around the internet today that things aren’t acting quite right. That’s because at some time this morning, malware known as Mirai executed a distributed denial of service (DDoS) attack on the entire web. This has caused websites that are customers of a domain service known as Dyn to go out of whack. Twitter, Netflix, and Spotify are just some of the names on the list.
But let’s back up a bit here: what exactly is a DDoS attack anyway? Over on Digital Attack Map, they describe it as a way to overload websites’ servers and eventually slow or crash connections and loading.
A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. They target a wide variety of important resources, from banks to news websites, and present a major challenge to making sure people can publish and access important information.
By accessing tens of millions of IP addresses from Internet-of-Things devices like smart home accessories and in-home routers, Mirai was able to use the hardware to send gibberish requests and signals to websites’ servers and other networks, which has led to the overloading of various sites and services across the web. Luckily, MBEDDED hasn’t been affected by this problem, so feel safe while reading this article.
According to cyber crime journalist Brian Krebs, word has now come in that this method of overloading websites is being used in this major North American internet outage.
Flashpoint is now reporting that the attack on Dyn today is in fact being launched by a Mirai-based IoT botnet.
As The Verge (which also seems to be experiencing serious problems thanks to this attack) notes, the Department of Homeland Security is now looking into this DDoS attack. It’s also worth noting that Dyn itself is working to resolve the matter; however, it seems that this will take some time, as the company is currently “continuing to investigate and mitigate several attacks aimed against the Dyn Managed DNS infrastructure.” We’ll let you know if things change any time soon.
To make this situation even worse, not only has a second attack been executed, alongside a third which, according to CNBC, is currently under way, but a person going by the screen name “Anna-senpai” has uploaded the source code used in today’s DDoS attacks to a site called Hackforums. He or she writes that the reason for the release is that security experts are beginning to defend against it. Here’s the user in their own words.
I made my money, there’s lots of eyes looking at IoT now, so it’s time to GTFO [link added].
Thanks to Anna-senpai, the risk of another IoT botnet DDoS attack is even greater. In fact, it’s highly significant. Krebs wrote (via The Verge) about how severe the risk of another attack like this is since the source code is available to anyone at this point.
“My guess is that (if it’s not already happening) there will soon be many Internet users complaining to their ISPs about slow Internet speeds as a result of hacked IoT devices on their network hogging all the bandwidth,” Krebs wrote. “On the bright side, if that happens it may help to lessen the number of vulnerable systems.”
This isn’t the first time Mirai has been uploaded to the internet. In fact, the malware has been accessible to any hacker, state-sponsored or otherwise, for quite some time. This leads to the conclusion that there’s likely no easy way to track down exactly who executed the attacks today. Many will have their theories, but we’ll never know until authorities complete their job.
So when will this issue be resolved? As of now, there’s no way of telling. With a third attack reportedly under way, we may be looking at another few days or so (at least judging by the rate at which investigations into the case are currently going). Of course, you can always stay tuned to MBEDDED for up-to-date coverage. Follow us on Twitter for the most timely updates.