A DDoS attack last week took down a large portion of the Internet using hijacked IoT devices.
Last week’s DDoS attack reiterates why it’s important to secure your networks and connected devices.
On Friday, a large portion of the Internet went down as hackers launched a large distributed denial-of-service (DDoS) attack on a major domain name server host. This brought down hundreds if not thousands of websites and web-based services across the US and in Europe, affecting even such giants as Amazon, PayPal, Twitter, Spotify, Reddit and Netflix.
DDoS: What is it and how does it work?
But what exactly is this distributed denial of service (DDoS) attack? To understand it, think of a domain name server as one of those annoying automated answering services where you have to press “1” for English, except here you are past that stage and you are trying to reach John Doe. You press “5” for Mr. Doe, and the system switches you from the main line to his personal line and rings his phone.
Like the automated phone system, the DNS is the system that routes you to the website you seek on the Internet. When you type the URL in your browser, "www.rkblack.com" for example, that is like pressing “5” for John Doe, but instead of being sent to someone’s voicemail, you are sent to the actual John Doe.
The way a DDoS attack works is this: let’s say you ask a hundred or two hundred people to all call the main office number for the company where John works. They call, and the system, unable to handle the volume, bogs down and puts everyone calling in a queue longer than the line for funnel cakes at the state fair, and that's if the system doesn't crash. Those trying to reach John can't reach him, Jane in accounting can't be reached either, nor can anyone reach Shirley in marketing.
Now, substitute your call buddies for hacked computers and Internet-connected devices like printers, surveillance cameras and such, and have them “call” a DNS server. Guess what? You suddenly have an overwhelmed DNS server where nobody is getting to Netflix, or PayPal or Amazon.com. And that's a distributed denial-of-service attack.
DDoS: Can it use my printers, surveillance cameras, other IoT devices?
So, does that mean your office printer or even your wireless security camera watching your front porch played a part in bringing down Netflix? Maybe. Maybe not. If your printer or camera is behind a firewall and your network hasn’t already been compromised, then likely, no. With many IoT devices, even with a firewall in place, if a user on the network falls for a social engineering scheme and clicks on a bad link, the user has opened the door for a hacker to enter the network and conscript the connected computers and devices into the botnet army.
The copiers and printers R.K. Black installs at our client businesses, for example, we install behind a firewall on corporate networks, protecting them from direct Internet attacks. Furthermore, as business-class machines, they are not affected as their configuration is such that if they ping outside the network, they will only ping a few times.
Now for a printer from a big box store, that may be a different story. If you go that route, we highly recommend you change your default password upon installing your equipment, and that goes for any other IoT equipment, including your web or surveillance cameras. This prevents a hacker who gains access to your system from using default passwords to penetrate your device, add his software and turn it into a "zombie."
For example, in this story just released by The Guardian, a Chinese company is recalling a number of its webcams allegedly contributing to Friday’s attack. The company, though promising to “strengthen password functions and send users a patch” for affected equipment, said the biggest issue with the cameras was “users not changing default passwords.”
Just so you know, R.K. Black, which happens to be in the business of video surveillance, as a standard practice changes the passwords from their default settings on all the IP cameras we install. Our DVRs are not only password protected, but guarded by a firewall and separated from the other networks at the installation site.
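One way to check whether a printer or camera on your own network has been conscripted is to look at what it sends out through the firewall. The following is an added example, not part of the original article or R.K. Black's tooling: it scans a constructed firewall egress log for devices that send DNS traffic above a per-minute ceiling or straight to outside servers instead of the internal resolver. The log format, addresses, device names, resolver and threshold are all assumptions made for the example.

```python
from collections import Counter, defaultdict

# Everything below is constructed for this example (assumed log format,
# documentation-range addresses, hypothetical device names and limits).
ALLOWED_RESOLVER = "192.168.10.1"   # assumed internal DNS resolver
MAX_DNS_PER_MINUTE = 30             # assumed ceiling for one office device
DEVICES = {"192.168.10.21": "lobby-printer", "192.168.10.40": "porch-camera"}

def build_sample_log():
    lines = []
    # Printer: a handful of lookups through the internal resolver (normal).
    for s in range(0, 50, 10):
        lines.append(f"2016-10-21T11:10:{s:02d}Z src=192.168.10.21 dst=192.168.10.1 dport=53 proto=udp")
    # Camera: 120 DNS packets in one minute sent straight to an outside server.
    for i in range(120):
        lines.append(f"2016-10-21T11:10:{i % 60:02d}Z src=192.168.10.40 dst=203.0.113.53 dport=53 proto=udp")
    # Non-DNS traffic and an unparseable line; both are skipped by the check.
    lines.append("2016-10-21T11:10:05Z src=192.168.10.40 dst=198.51.100.7 dport=443 proto=tcp")
    lines.append("malformed line without fields")
    return lines

def parse(line):
    # Returns (minute, fields), or None when the line does not fit the format.
    ts, _, rest = line.partition(" ")
    fields = dict(p.split("=", 1) for p in rest.split() if "=" in p)
    if len(ts) < 16 or not {"src", "dst", "dport"} <= fields.keys():
        return None
    return ts[:16], fields          # timestamp truncated to the minute

def find_suspect_devices(lines):
    per_minute = Counter()          # (src, minute) -> DNS packet count
    outside = defaultdict(set)      # src -> outside DNS servers contacted
    for line in lines:
        parsed = parse(line)
        if parsed is None or parsed[1]["dport"] != "53":
            continue
        minute, f = parsed
        per_minute[(f["src"], minute)] += 1
        if f["dst"] != ALLOWED_RESOLVER:
            outside[f["src"]].add(f["dst"])
    findings = defaultdict(list)
    for (src, minute), count in sorted(per_minute.items()):
        if count > MAX_DNS_PER_MINUTE:
            findings[src].append(f"{count} DNS packets in minute {minute}")
    for src, servers in outside.items():
        findings[src].append("bypasses resolver: " + ", ".join(sorted(servers)))
    return {DEVICES.get(s, s): r for s, r in findings.items()}

if __name__ == "__main__":
    for device, reasons in find_suspect_devices(build_sample_log()).items():
        print(device, "->", "; ".join(reasons))
```

A device flagged here is a candidate for isolation, a password change and a firmware check, not proof of infection; the ceiling should be set from what your own devices normally send.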
What can I do to keep DDoS attacks from using my devices?
Summing up, botnets, other forms of malware and the damage they cause are why it is so important to take measures to protect your computers, your IoT devices and your networks.
Here are some tips to protect your network, computers and devices from being drafted for DDoS purposes:
- Keep your operating system updated. Developers are constantly finding security holes, and they release updates to patch them.
- Strengthen your passwords. For tips on how to do that, click here.
- Use your antivirus software. If you don’t have it, get it. If you have it, run it and keep it updated!
- Don’t click on suspicious links or questionable attachments when checking your email. Don’t even open emails from unknown sources. Delete them.
- Don’t ever use an unknown USB thumb-drive. If you find one tossed aside, stay away from it. It may have been planted and may be infected.
- If using public Wi-Fi access, use a VPN if you have one. This keeps others from “tapping” your connection and gaining access to your home or office network and data. If you don’t have a VPN, use your phone’s mobile hotspot capability if it is so equipped.
For IoT Devices
- Always remember to change the default passwords whenever installing your device, whether that be wireless security cameras or a 3-in-1 printer from your local big box store. Remember as part of your setup to change the default password right away.
- Check and update device firmware on a periodic basis. It’s basically the same as updating the OS on your PC.
For more detailed instructions on how to protect your IoT equipment, the Department of Homeland Security recently published the following article: Heightened DDoS Threat Posed by Mirai and Other Botnets.
And for all of this, especially if you are a small-to-medium sized business, if you need help with your networks, copiers, printers, security cameras or other office technology, give us a call or click the button below.