You may have heard recently how the popular security blog Krebs on Security was taken offline by a record DDOS attack along with Friday’s major attack on DynDNS.
The reason these attacks are newsworthy is because the attacks are so massive that even the best anti-DDOS systems like Akamai’s could not keep Krebs or DynDNS online. Cloudflare recently posted some visualizations to show how large these types of attacks can be.
The reason these attacks were so powerful was because they were created from a botnet of “Internet of Things” devices that are unsecured by default, also known as the “Internet of Sh*t”. Hackers created this new botnet called Mirai that searches the Internet for unsecured DVRs and IP cameras with default passwords.
i am excited for my bottle of wine to DDoS the US https://t.co/YhHXOqzcRJ
— Internet of Shit (@internetofshit) October 24, 2016
Unfortunately, now the Mirai source code is available to anyone, so these attacks will probably become more frequent and grow even larger. Currently live Mirai infections world-wide are mapped by a security site called Malwaretech.com and the infection has spread to almost every country world-wide.
One of our favorite Twitter accounts that we follow is called InternetOfShit. The account makes fun of how ridiculous it is to connect all these new devices to the Internet, and how they are mostly unusable and unsafe.
“How’d your accounts get owned?”
“Toaster. You?”
“Washing machine.”
— Internet of Shit (@internetofshit) October 22, 2016
Does Norton Security for IoT exist yet? pic.twitter.com/bm5fR0xcvV
— Internet of Shit (@internetofshit) October 22, 2016
For example, check out this Internet connected teapot that caused the owner to have to spend 11 hours trying to make a cup of tea! At first the “Internet of Sh*t” was a joke, but now due to the Mirai botnet it’s becoming more serious and governments may try to create regulations to stop companies from creating hardware products that are insecure by default.
Do you think you may have an Internet of Sh*t device on your network? Go to GlassWire’s “Network” tab to see a list of all the devices on your network and get alerted when a new unknown device joins your network.
If you do have a Sh*t device on your network please do us all a favor and unplug it, or at least change the default password. Not only could your Sh*t device be sending out DDOS attacks, it’s probably slowing your Internet access down considerably.
By the way… if you haven’t already, don’t forget to follow the InternetOfShit!