Mirai botnets caused the attack!!!
Twitter, Amazon, and PlayStation Network were among the sites hit by the DDoS attack on Dyn.
These botnets gain access to our systems through unsecured IoT devices such as routers, CCTV cameras, smart home appliances, and even DVRs. They can severely disrupt DNS servers, cutting users off from the sites they are visiting.
The attack infected an abundance of connected devices worldwide. The attackers have now released the source code to thousands of hackers, allowing them to infect millions of devices. Experts even predict that cyber-criminals could attempt similar attacks to take down hundreds of sites.
If we analyze the current scenario, more than 50% of consumers have internet-connected devices in their homes. If IoT device manufacturers don’t pay serious attention to security, these attacks could reach an unpredictable level.
Protecting Your Network from IoT Botnets
Most of us rely on one DNS provider, meaning there are hundreds of users on the same network. A single attack on one user can create a threat for all, which was the case with the DDoS attack on Dyn. Although there are no proper security protocols to tackle this problem, adopting a hybrid DNS architecture might be the right solution. In a hybrid architecture, the DNS service is spread across many DNS servers, allowing users to switch before anything critical happens. When a server is attacked, its services are automatically moved to another, unaffected server, thus preventing server crashes. Another method is to use secured hardware able to handle a large volume of traffic while identifying and blocking attacks.
The tips mentioned above are best for defending against the attacks, but what if there is a way to cut off the source of the problem?
Using the DNS protocol as a defense
Our internet service providers don’t protect our devices from sophisticated botnets like Mirai, as they are open by design. Most users are not aware of such threats and rely on simple hardware with a basic firewall.
Besides that, we cannot keep our networks and hardware updated all the time, and vendors don’t care once they sell their goods. This creates an extremely vulnerable environment, which hackers and cyber-criminals can penetrate at any time.
So what is the solution? Internet service providers can take a strong step by providing robust controls for customer premises equipment (CPE) and user networks. This will help users identify different attack patterns, especially from Mirai botnets. After such attacks are detected, DNS security tools can be used to move the customer’s CPE from an open network to a restricted one.
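The detect-then-restrict step described above can be sketched as follows. This is an added example, not code from the original article or from any ISP product. It assumes a hypothetical flow-record format, hypothetical thresholds and hypothetical view names ("open" / "restricted"), and relies on the fact that Mirai's scanner probes TCP ports 23 and 2323.

```python
from collections import Counter, defaultdict

TELNET_PORTS = {23, 2323}  # ports Mirai's scanner probes for default-credential logins

def find_scanners(flows, window_s=60, min_targets=20):
    """Return CPE ids that reached >= min_targets distinct hosts on Telnet
    ports inside any window_s-second window (thresholds are assumptions)."""
    per_cpe = defaultdict(list)
    for ts, cpe, dst_ip, dst_port in flows:
        if dst_port in TELNET_PORTS:
            per_cpe[cpe].append((ts, dst_ip))
    flagged = set()
    for cpe, events in per_cpe.items():
        events.sort()
        in_window, start = Counter(), 0
        for ts, dst in events:
            in_window[dst] += 1
            # Drop events that have aged out of the sliding window.
            while events[start][0] <= ts - window_s:
                old = events[start][1]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                start += 1
            if len(in_window) >= min_targets:
                flagged.add(cpe)
                break
    return flagged

def assign_dns_views(flows, **thresholds):
    """Map every CPE seen to the resolver view it should be placed in."""
    scanners = find_scanners(flows, **thresholds)
    return {cpe: ("restricted" if cpe in scanners else "open")
            for _, cpe, _, _ in flows}

def sample_flows():
    """Constructed records (ts_seconds, cpe_id, dst_ip, dst_port); not real traffic."""
    flows = [(i * 2, "cpe-dvr", f"198.51.100.{i + 1}", 23 if i % 10 else 2323)
             for i in range(25)]                      # 25 hosts in 50 s: scan-like
    flows += [(i * 300, "cpe-admin", "192.0.2.10", 23) for i in range(30)]  # one host only
    flows += [(5, "cpe-laptop", "203.0.113.7", 443), (6, "cpe-laptop", "203.0.113.53", 53)]
    # Many hosts, but 10 minutes apart: never 20 inside one 60 s window.
    flows += [(i * 600, "cpe-slow", f"198.51.100.{i + 100}", 23) for i in range(25)]
    return flows

if __name__ == "__main__":
    for cpe, view in sorted(assign_dns_views(sample_flows()).items()):
        print(cpe, "->", view)
```

The "cpe-slow" record set shows the trade-off in the thresholds: a short window misses slow scanning, while a long window catches it at the cost of holding more state per customer.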