Manufacturers of Internet of Things (IoT) devices are at fault for the Dyn DDoS attack. They have put on the market devices designed to be cheap and have a long battery life but lack security measures.
Seemingly inoffensive connected devices such as baby monitors, printers, cameras, residential gateways, and DVRs became the launching point for multiple denial-of-service attacks (DoS attacks).
These attacks targeted systems operated by Domain Name System (DNS) provider Dyn. The cyber attack affected nearly 70 services including Amazon.com, Netflix, PayPal, PlayStation Network, Spotify, Twitter, Xbox Live, and even the Swedish Government.
All these major organizations have invested heavily in cyber security. More worrying is the fact that an army of $100 devices can take down government websites with ease. In the worst case scenario, military networks could be next.
Governments around the world are starting to take cyber security seriously
The Swedish Government and many other governments will probably increase their cyber attacks countermeasures. It should also be a wake-up call for the industry. Security experts have been warning this threat, but no one was paying attention.
Emerging startups could seize the opportunity to build innovative security systems in LAN network and cloud. It would mean to analyze the traffic before IoT devices can join critical systems like energy plants.
They could also create new layers of security or improve the ones already in use such as firewalls, endpoint software, encryption, and real-time analytics.
Anonymous and New World order claimed responsibility for the Dyn DDoS attack
Both groups said it was in retaliation for Ecuador’s decision to rescind Internet access to Julian Assange. The Embassy of Ecuador in London granted asylum to the WikiLeaks founder in August 2012.
However, Anonymous and New World Hackers did not claim responsibility during or the immediate aftermath of the events. In consequence, the DHS is looking to confirm their claims.
FlashPoint has another theory. The business risk intelligence firm say the attacks could be the work of script kiddies or unskilled individuals. They use scripts developed by others to carry out their cyber attacks.