The widespread cyber attack on October 21st impacted websites many of us access on a daily basis - Twitter, Netflix, Spotify, PayPal, Reddit, The New York Times - and, believe it or not, LeBlanc Communications!
We noticed that our website was temporarily down as part of at least three distributed denial of service (DDoS) attacks, which are specifically devised to flood a website with so much traffic that normal service is compromised. These far-reaching attacks, originally thought to be experienced only on the East Coast, impaired access across the United States and internationally.
Dyn.com, a cloud-based Internet management company, was the primary target of this attack. Dyn, and its very popular DynDNS.org are commonly used to help dynamic-ip-address users (especially home Internet subscribers) to reach their devices even though they don't have a static IP Address like businesses would have. Click here to read Dyn's Statement about the attack.
The attacks were designed to use common Internet-connected devices, such as baby monitors, webcams and home-based routers. As security experts have been predicting, our ever-growing "Internet of Things" (IOT) increases our efficiency and connectedness, but also exponentially adds to our risks.
One of our IT security partners is The Technology Group in Hartford. We checked with them for feedback on what happened. According to Jay Adams, Manager of IT Security and Assurance Services, "The Internet of Things (IoT) is to blame. It was not just one attack but a series of attacks throughout the day. The Mirai botnet, which was blamed for the attack, looks for certain Internet of Things (IoT) and smart home devices, such as those that are using default usernames and passwords, and turns them into 'Web robots' or 'bots' to use in cyber attacks."
Here are some tips he gave us for what to do to keep your devices from becoming part of these wide-scale attacks: