Find Out If One of Your Devices Helped Break the Internet
If you own Internet of Things devices, it’s time to lock it down.
Security experts have been warning for years that the growing number of unsecured Internet of Things devices would bring a wave of unprecedented and catastrophic cyber attacks. Just last month, a hacker publicly released malware code used in a record-breaking attack that hijacked 1.5 million internet-connected security cameras, refrigerators, and other so-called "smart" devices that were using default usernames and passwords.
On Friday, the shit finally hit the fan.
A massive distributed denial of service (DDoS) attack took down the core internet infrastructure supporting many popular websites, aided in part by a massive army of infected devices, or botnet, known as Mirai. The attack affected Domain Name System (DNS) servers hosted by the management company Dyn, making websites like Github, Twitter, and Reddit inaccessible throughout the day. Astonishingly, other companies responsible for monitoring internet infrastructure reported that the attack only utilized around 10 percent of the Mirai botnet, which currently recruits over half a million infected devices.
The attack is a reckoning of sorts for companies selling hordes of poorly-secured IoT products. But it should also be a major wake-up call to the thousands of people putting internet-connected fridges, light bulbs, thermostats, and other appliances in their homes.
In other words: If you've bought into the Internet of Things, now is the time to make sure your "smart" device isn't being hijacked by hackers to take down the internet.
Thankfully, it's pretty easy to check on this using online tools like Bullguard's IoT Scanner. The scanner will detect any devices on your home network that are publicly exposed and potentially accessible to hackers using the vulnerability scanning service Shodan, which is kind of like Google for finding unprotected computers and webcams.
If the scan identifies any devices exposing themselves on your network, it's time to take action: Access the device through whatever app or admin panel the vendor specifies and immediately change its login and password. IoT devices are notorious for keeping their factory default usernames and passwords, and the Mirai malware specifically uses a list of those defaults to scan for unprotected devices to recruit into its zombie army. So taking this simple step can go a long way.
This will protect your devices from basic attacks like Mirai, which target default passwords. But keep in mind it won't do any good if a hacker can exploit an unpatched security vulnerability--which, given the poor track record of IoT devices, seems fairly inevitable.
For extra security, it's also a good idea to log in to your router and "whitelist" all the devices you use to access your network by entering their unique Machine Access Code (MAC) address. This way, you'll have much better assurance that strange machines won't be accessing devices on your network.
But given the laughably-poor state of security on most consumer IoT products, the best way to prevent your devices from DDoS'ing a gaming server in South Korea is to not connect them in the first place.
You don't really need your dog to videochat you at work, do you?