How Your Email and DVR Brought Down the Internet

November 9, 2016

A couple of weeks ago, tens of millions of Internet of Things (IoT) devices started a brutal attack on Dyn, a company that manages website domains and routes internet traffic. Each of these devices was targeted from a single point of failure: a human being opening a malicious email. Popular websites such as Twitter, Spotify, PayPal, and many more experienced difficulties due to a vicious cyberattack. Dyn first posted about a distributed denial of service (DDoS) attack around 7am ET. By 9:30am the issue had been resolved, but shortly afterward the second wave of attacks started. By Friday afternoon Dyn was working on resolving the third and final round of attacks. This caused a huge internet outage, mainly affecting the east coast of the United States, although by the middle of the day parts of Europe were beginning to report that they were experiencing an outage as well. During a DDoS attack, servers are flooded with so much traffic and so many requests for information that they can’t respond to them all, often crashing under the bombardment.

Experts investigating the attacks are concerned that the hackers were using Mirai, an easy-to-use program, to launch the attack. Mirai was recently released to the Dark Web, making it available to anyone who uses the Dark Web. The program is so simple that even unskilled script kiddies are able to use it to take over devices and begin a DDoS attack. Since the source code is extremely accessible and simple to use, there is now a high likelihood of similar attacks occurring.

The attack was part of a DDoS targeted at infecting IoT devices all over the world with malware. IoT devices can be webcams, DVRs, routers, cable boxes, home security systems, thermostats, and any other device that is connected to the internet. Mirai quickly spread through networks after phishing emails were opened on a home or company computer. After infecting the first machine, the software rapidly took over any device connected to the network. Once an internet-connected device was infected with the malware, it became part of a robot network, known as a botnet. The botnet army then drove aggressive amounts of traffic toward the given target in hopes of knocking out the victim’s security systems.

It’s extremely alarming that the code for Mirai can be found fairly easily now that it’s been made public on the Dark Web. However, receiving the dangerous phishing emails that caused the internet outage can be prevented. Clearly, having the proper email security system in place can stop emails from illegitimate servers from getting into your inbox, lowering the chance of being affected by any sort of malware.

Seeing this kind of attack play out is tough because we know the entire thing could have been easily avoided. Our suite of solutions prevents malicious emails, like the ones that caused Friday’s attacks, from ever reaching an inbox. Specifically, Opt-Inbox is equipped with a process that verifies all senders, ensuring the mail received is from humans and not an automated sender. This is how we eliminate spam and the chance of malicious emails being seen, let alone clicked.