ADVERTISEMENT
About Our People Legal Stuff
poster_6b3facaab3a3477caff52b570fd68944.jpg

Good news: We know what caused Friday's web outage. Bad news: Hackers sold that weapon.

0
Venezuela's top court blocked a bid to oust the president and Parliament called it a coup

WATCH | We contacted a computer science expert to explain how, without stealing a single password or implanting any kind of computer virus, cyber attackers can take down popular websites using the DDoS method.

Here's what happened

Remember when basically all your favorite sites went down on Friday? A security company found out just how hackers did it.

The bad news is, there's good reason to expect more outages. Hackers sold access to a "botnet," a ring of connected devices controlled for nefarious purposes, earlier this month, according to Forbes. That botnet is believed to be the one responsible for the widespread outages that attacked DNS hosting service Dyn. The seller claimed it could generate 1 terabit of traffic for $12,100.

This is the first time we've seen an IoT botnet up for rent or sale, especially one boasting that amount of firepower.
Daniel Cohen, RSA

Should I be worried?

Probably. A spokesman for RSA, the security firm that discovered the sale, called the technology a "worrying trend" in distributed denial-of-service (DDoS) attacks. The fact that it's for sale means it could be used again, or even made more dangerous.

How does it work?

Basically, any DDoS attack works by flooding a site with massive amounts of data so its servers can't handle the weight. Usually, multiple hacked computers ("bots") are looped into a "botnet" under a hacker's control to generate the necessary traffic.

01223E00-UONQL.jpg
Webcam (MGN)

But in Friday's attack, it wasn't just computers doing the damage. "Internet of Things" devices like DVRs and web cameras also contributed, Forbes reports. In some cases, the device's username and password were both "root."

How can we prevent this?

Well, as a user, there's not much to be done -- aside from making your passwords more complex. But tech companies can increase security on their end by actually using complex passwords, or use a backup DNS provider so if Dyn goes down, it doesn't take half the Internet with it.

Someone shot at a police car with a ride-along inside. A dashcam caught it all.

WATCH | For the news you need, check out our 60 Second Circa.

Comments
Read Comments
Comments
ADVERTISEMENT
Facebook Twitter Instagram Pinterest Linked In List Menu Enlarge Gallery Info Menu Close Angle Down Angle Up Angle Left Angle Right Grid Grid Play Align Left Search Youtube Mail Mail Angle Down Bookmark