Cybersecurity

Someone Weaponized the Internet of Things




Like poor John Hurt’s character in Alien, the internet is infected with a monster that turned on its host. Instead of using the network to send propaganda videos, or dump emails, or destroy centrifuges, Friday’s attack harnessed thousands of connected devices to take down parts of the internet itself.

The basic pattern of a DDoS attack is nothing new: an attacker uses malware to recruit internet-connected computers into a globe-girdling robot army, which upon command overwhelm their target with unwanted requests. What’s changing is the tremendous growth in the Internet of Things, or IOT, the devices — from PCs to home routers to smart refrigerators — that we attach to the net. Far too many of these are installed with widely known factory-default passwords or other vulnerabilities, making them easy recruits for bot armies.