It sounds like a sci-fi movie. Over 5,Uncontrollable Sexual Desire000 connected devices, including light bulbs and vending machines, were hacked to slow internet service at a university to a crawl.
Poorly secured internet of things (IoT) devices have become gold mines for hackers looking to launch DDoS attacks to take websites and services offline. But this latest case, detailed in Verizon's Data Breach Digest 2017, is the rare example of gadgets attacking their own network.
SEE ALSO: Your smart fridge is about to make our IoT security nightmare so much worseThe devices were making hundreds of Domain Name Service (DNS) lookups every 15 minutes, causing the university's network connectivity to become unbearably slow or even inaccessible.
Weirdly enough, the majority of the searches "showed an abnormal number of sub-domains related to seafood," the report said.
Here's an abstract from the Digest'ssneak peek:
The firewall analysis identified over 5,000 discrete systems making hundreds of DNS lookups every 15 minutes. Of these, nearly all systems were found to be living on the segment of the network dedicated to our IoT infrastructure.
With a massive campus to monitor and manage, everything from light bulbs to vending machines had been connected to the network for ease of management and improved efficiencies.
While these IoT systems were supposed to be isolated from the rest of the network, it was clear that they were all configured to use DNS servers in a different subnet.
It's very unlikely, to use an understatement, that thousands of students at the university had a sudden and simultaneous urge to eat seafood.
Instead, what did happen was that cheeky hackers instructed the IoT devices to make DNS lookups related to seafood every 15 minutes.
Here's what Verizon's RISK (Research, Investigations, Solutions and Knowledge) team told the university after they were summoned to investigate the attack:
The RISK Team had provided me with a report detailing known indicators found in the firewall and DNS logs that I had sent over earlier. Of the thousands of domains requested, only 15 distinct IP addresses were returned. Four of these IP addresses and close to 100 of the domains appeared in recent indicator lists for an emergent IoT botnet.
So here's the case of vending machines and lamp posts compulsively searching for seafood and overwhelming the network with requests with the aim of taking it down.
If this isn't creepy/dystopian/fascinating, we don't know what is.
Luckily for the guys at the university, there was no need to replace "every soda machine and lamp post".
The Verizon's RISK team explained that the botnet "spread from device to device by brute forcing default and weak passwords".
To solve the massive hack, the university intercepted a clear-text malware password for a compromised IoT device and then used "that information to perform a password change before the next malware update".
Easy, right?
Overall, it doesn't look like this problem is going away anytime soon. There are more than 6 billion IoT devices currently running, according to Gartner Research. That number could reach more than 20 billion by 2020.
Topics Cybersecurity
Sony launches new flagship XM6 headphones: Order them now
The 12 best iOS 11 features you haven't heard about yet
People really 'love' Facebook's Messenger reactions
People really 'love' Facebook's Messenger reactions
Best Hydro Flask deal: Save $10 on a 24
Walmart tests a giant self
Facebook Live introduces closed captions for deaf and hard of hearing users
The 12 best iOS 11 features you haven't heard about yet
Best vacuum mop combo deal: Save $140 on the Tineco Floor One S5
Katy Perry can't find a signal on 'Witness'
Outdoor speaker deal: Save $20 on the Soundcore Boom 2
Katy Perry can't find a signal on 'Witness'
Researchers devised a way to measure a star's mass, thanks to Einstein
The Cavs' locker room reportedly smelled like weed after NBA Finals Game 2
Operation Mensch
The NSA leaker might was likely outed by tiny yellow tracking dots
The Cavs' locker room reportedly smelled like weed after NBA Finals Game 2
The Cavs' locker room reportedly smelled like weed after NBA Finals Game 2
A Typical Wall Street Republican
Walmart tests a giant self
All Kesha wants for Christmas is for you to hear her new musicWhat you should expect from the iPhone in 2017Tiger Woods creeps out the entire internet with shirtless 'Mac Daddy Santa' pic17 'Rogue One' questions answered by the novelDouble parker receives shoppers' wrath in the form of shopping carts'Of course' Martin Shkreli would raise drug prices againThe Pantsuit Nation backlash has spiraled out of controlHow to Move PC Games to a New Drive: Steam, Origin, Windows Store, Epic Games, Battle.net & GOGAvril Lavigne wants Mark Zuckerberg to stop bullying NickelbackThe views from these coastal homes will take your breath away8 weird things Indians did in 2016 to get into Guinness World RecordsA NASA rover sent home an immersive Mars panorama. Watch the video.Delight in the oldTiger Woods continues making suspect decisions, golfs with Donald TrumpAvril Lavigne wants Mark Zuckerberg to stop bullying NickelbackSlay your relatives with these 30 'Game of Thrones' giftsNo mercy: Facebook page held hostage in payment dispute7 films that show how Bollywood came of age in 2016LeBron James is also king of dancing like no one is watchingNo mercy: Facebook page held hostage in payment dispute Internet patriotism soars as USA basketball wins gold at Paris Olympics D23 2024: Everything announced and shown at this year's fan event, so far Dyson OnTrac Headphones with ANC are now available Best TV deals this week: LG's 2024 C4 OLEDs, cheap QLEDs Google Pixel 9 Pro Fold: Hands Best Apple Watch deals: Save on Series 9 and more Best speaker deals: Save big on portable, Bluetooth, and floor speakers Nintendo Switch 2: It might not come out in early 2025 after all NYT Strands hints, answers for August 10 Wordle today: The answer and hints for August 14 NYT mini crossword answers for August 10 Pixel 9 launch event: Everything announced at Made by Google 2024 Best smartwatch deal: Get the Google Pixel Watch 2 for its lowest price yet at Amazon By a technicality, August's full moon is blue. Here's why. Shop the Sony WH NYT Strands hints, answers for August 14 'Close to You' review: Elliot Page trans drama gets risky in improvisation The best camping deals at Amazon this week include coolers, tents, and more ChatGPT Voice Mode is capable of some freaky stuff — but here's how OpenAI is tackling it. Best unlocked phone deals for the week of August 14, 2024
2.422s , 8223.9765625 kb
Copyright © 2025 Powered by 【Uncontrollable Sexual Desire】,Unobstructed Information Network