Hackers’ code expected to slow Internet speed
Advertisement
Read this article for free:
or
Already have an account? Log in here »
To continue reading, please subscribe:
Monthly Digital Subscription
$0 for the first 4 weeks*
- Enjoy unlimited reading on winnipegfreepress.com
- Read the E-Edition, our digital replica newspaper
- Access News Break, our award-winning app
- Play interactive puzzles
*No charge for 4 weeks then price increases to the regular rate of $19.00 plus GST every four weeks. Offer available to new and qualified returning subscribers only. Cancel any time.
Monthly Digital Subscription
$4.75/week*
- Enjoy unlimited reading on winnipegfreepress.com
- Read the E-Edition, our digital replica newspaper
- Access News Break, our award-winning app
- Play interactive puzzles
*Billed as $19 plus GST every four weeks. Cancel any time.
To continue reading, please subscribe:
Add Free Press access to your Brandon Sun subscription for only an additional
$1 for the first 4 weeks*
*Your next subscription payment will increase by $1.00 and you will be charged $16.99 plus GST for four weeks. After four weeks, your payment will increase to $23.99 plus GST every four weeks.
Read unlimited articles for free today:
or
Already have an account? Log in here »
Hey there, time traveller!
This article was published 08/10/2016 (3370 days ago), so information in it may no longer be current.
SAN FRANCISCO — Consumers around the world could see their home Internet speeds slow in the coming weeks due to a recent release of software that allows hackers to use Internet-connected devices to attack websites.
The source code for Mirai, a tool that creates what are known as botnets, has been released on the so-called dark web, sites that require specific software or authorization to access and operate as a sort of online underground for hackers. The release was announced Friday on Hackforums, a hacker discussion board. Two security experts looked at the source code and confirmed it was this botnet tool.
Mirai is an easy-to-use program that allows even unskilled hackers to take over online devices and use them to launch distributed denial of service, or DDoS attacks. The software spreads via the Internet, taking over DVRs, cable set-top boxes, routers and even Internet-connected cameras used by stores and businesses for surveillance.
Once a device is hijacked, so much of its bandwidth goes toward doing the botnet’s work it can run slowly or suffer intermittent failures, and it’s very difficult for the consumer to know the cause.
The code is “a gift to cyber-criminals,” said Thomas Pore, director of IT and services for Plixer International, a Kennebunk, Maine-based malware incidence-response company.
Mirai was used to knock computer security writer Brian Krebs offline Sept. 13.
Expect more and more such attacks in the future, says Roland Dobbins, a DDoS expert with Arbor Networks. “We’re seeing more attackers becoming aware that embedded devices are an easy way to launch these attacks,” he said.
DDos attacks have existed since at least 1999. They involve using a network of computers to bombard a website with millions of messages, so many the system cannot cope and shuts down.
At one point Krebs’ site Krebsonsecurity.com was receiving 665 gigabytes of traffic per second, one of the largest such attacks recorded, he wrote on his blog. It’s something like streaming 65 3-D movies per second, and the torrent of data was so large it made it impossible to access the site.
Krebs believes the attack was in retaliation for his recent articles on two recently arrested attackers.
In the past, such DDoS attacks were accomplished by hijacking computers with malicious software and turning them into a robot network, or botnet, that sent the messages.
Mirai and other software available online now focus on compromising devices that are connected to the Internet but that most consumers don’t think of as computers, the so-called Internet of Things.
In the Krebs attack, the network was launched from thousands of Internet-connected surveillance cameras of the type used in stores and businesses as well as digital video recorders and other Internet-connected devices.
DDoS attacks are launched for several reasons. The most common are ideologically motivated ones, where the attackers want to knock a website offline to silence its message. They’re also used by hackers trying to distract companies from other hacking efforts within their networks. They can also be used as extortion tools, with criminals crippling a site then demanding payment to stop the attack or not re-engage, said Dobbins.
“If you’re running an IP surveillance camera or a DVR system and you’re using it with factory default credentials, there’s a better than decent chance it’s already compromised,” said Krebs.
Even deleting the malware won’t do much because the botnets are constantly searching the Internet for new devices to hijack.
“Once you plug it back in there’s probably five or 10 minutes before it gets infected again because there’s such much scanning going,” he said.
Many such devices have no built-in security. For devices that come with a password, the first thing consumers should do is reset the default password to a new one. However, that’s often easier said than done.
“In many cases when people buy these devices, there may not be any updates, and even if there are, it can be daunting for ordinary human beings to apply,” said Arbor Networks’ Dobbins.
Consumers have few ways to combat this because companies tend not to invest in security unless they have to, said Avivah Litan, a computer security analyst with Gartner.
— USA Today