Attack of the toasters, did we just see a glimpse of our future?
Last Friday we experienced the (mostly after effects) of an attack on DynDNS, which brought good chunks of the internet down or to a crawl. The attack was a DDoS (distributed denial of service) attack, apparently using basic but capable devices such as DVRs, thermostats, webcams and the like. Ok, as for toasters, I don’t have and never have seen an internet connected toaster, but I’m sure someone makes one. I’d find a bit more utility in a networked coffee maker, but even that..
A humorous (but true) quote (tweet), from Jeff Jarmoc, a Salesforce security engineer:
“In a relatively short time we’ve taken a system built to resist destruction by nuclear weapons and made it vulnerable to toasters.”
On a more serious note, see the article below – welcome criticism of the relative house of cards that my own industry has sold to the public in cloud hosting –
Dyn DDoS attack exposes soft underbelly of the cloud:
The DDoS attack against Dyn affected numerous websites, but the biggest victims are the enterprises that rely on SaaS for critical business operations.
Available at: https://www.infoworld.com/article/3134023/security/dyn-ddos-attack-exposes-soft-underbelly-of-the-cloud.html
Still, this IS a taste of our future, with anything that can be opened/ closed, turned on or off, up or down… potentially connected to the internet. The vulnerability is that these devices are largely installed with the manufacturer’s default username/passwords – leaving them more vulnerable to the hackers that use the DDoS attacks.
Have a concern about your systems? We’re here to help.