Twitter, Tumblr, Amazon, Netflix, Raddit, Airbnb and some other famous websites are among the websites interrupted or unreachable after web technology provider Dynamic Network Services Inc, said its domain name system was subject to denial-of-service attacks on Friday morning, said Dyn Inc on Oct 21, 2016.
The red areas where the websites were attacked
Dyn, headquartered in New Hampshire, said in posts on its website that its Domain Name System (DNS) infrastructure suffered a distributed denial-of-service (DDoS) attack starting at 7:10 a.m. EDT, A few hours later, a second cyber attack on Dyn caused more infections, then a third cyber occurred on Dyn again.
The roal of DNS
So why did hackers attack Dyn servers and paralyze America websites？It is because Dyn’s role is to manage the domain name system (DNS) database management, while the role of DNS is to transfer from the digital IP address (a real address of website) to the domain name that is easy to remember. That is to say, it is not the above website which is paralyzed, it is their DNS servers that are attacked and cannot be correctly resolved to an IP address. For example, when an attack occurs, you can not access Google through the www.google.com , but in theory, you can access through the IP address 22.214.171.124.
What is the way the hacker attacks？The principle is simple, that is, through a large number of data requests to make Dyn servers paralyzed, so that other users can not query IP addresses through the domain name. This attack is called DDoS, which is a large distributed denial of service.
However, due to the limited ability to attack for a single computer, and the server has an IP limit, hackers will generally use other controlled devices to access a server to achieve an attack at the same time . For example, in this attack, Dyn says that the attacks are coming from millions of IP addresses.
Dyn also said in a statement that there were a lot of attacks from intelligent networking devices, such as routers, smart cameras, etc. Relative to the previous, where PC’s and local servers were invaded, and now hackers have controlled more intelligent networking equipment.
Think about your home router password, mostly are 12345678, abc123, admin, right? This explains why hackers can control more basic networking equipment, because people have weak security awareness of these devices. Data show that the following 10 passwords are used to control 10% of the Internet devices.
Prior to this, a network security researcher open source community has his own small attack program DDoS Mirai, this program can be used through the infection of intelligent networking equipment to achieve large-scale DDoS attacks. Just a few days before the attack, “Washington Post” reporter Brian Krebs’s website suffered a similar attack. Network security service provider Level3, after investigation, confirmed the attack from the Mirai program. DDoS attacks occurred using up to 1.5 million by invading networking equipment consisting of a “botnet”, most of the equipment is made by Dahua (DAHUA the network camera company)
In addition, the Flash Point company to participate in the survey also found that part of the network equipment involved in the attack also includes a Chinese Hangzhou DVR manufacturer (XiongMai Technologies) production network camera equipment, and the default password of these devices are root/xc3511 group, and users cannot modify the default password.
Fortunately, Titathink’s products are all self-developed, and do not use any of the Technologies (XiongMai) camera module. And the Titathink camera has not written the default password in the bootload file. If you modify the camera after the set of the factory password, hackers will find it difficult to access your camera.Because of these basic networking devices like PC and server will record the login source, so the network security personnel is difficult to troubleshoot the source of attack, plus many cameras and router passwords use the default password, which makes them become the most hackers “be invader “.So in order to ensure your privacy, please as soon as possible to set up a complex landing password for your camera. We recommend the password contains uppercase and lowercase letters, numbers, special symbols such as @# !. But you must remember to record in the mobile phone memory.
Some contents in the article come from the Internet