On March 10th, Elon Musk’s X (formerly Twitter) was hit by a series of apparent DDoS attacks denying access to thousands of users of X throughtout the day. A DDoS occurs when the Domain Name Sevice (DNS) provider for a site gets flooded with an overwhelming amount of traffic which causes the website to shut down. Often the traffic comes from an army of botnet computers which are computers of unsuspecting people that become infected and can be remotely used to send the huge amounts of communications necessary to cause a DDoS. This problem can become magnified as the cybercriminals infiltrate and incorporate into their botnet not just computers, but also the myriad of devices that make up the burgeoning Internet of Things. Anything that is connected to the Internet can be hacked and used to become a part of a botnet. Too often, many of these devices that make up the Internet of Things are poorly protected with weak passwords and are easily hacked.
While Elon Musk posted that he believes the attack was done by “a large, coordinated roup and/or a country,” the fact is that botnets sufficient to perpetrate such an attack can be found for lease on the Dark Web, that part of the Internet where criminals buy and sell goods and services and do not require the level of sophistication of nation-state cyber resources. DDoS attacks are generally not much more than a nuisance and do not indicate that the attacked site has been hacked in any way or had data stolen. In the past we have seen the threats of DDoS attacks used to extort money from companies
TIPS
While there is nothing that we as consumers can do to stop DDoS other than to maintain the security of our own computers and devices connected to the Internet to keep them from becoming a part of a botnet, there are a number of steps that companies should be taking to protect themselves from future DDoS attacks in addition to the regular Firewalls and routers configured as best they can be to reject malicious traffic including the use of load balancers to spread traffic across multiple servers within a network to create additional capacity to handle the traffic as well as cloud based programs to identify and divert malicious traffic.
There are steps you can take, however, to keep your router from not being a part of a botnet including changing the default password as soon as you install a new router.
Most of the devices that make up the Internet of Things come with preset passwords that can easily be discovered by hackers. Change your password as soon as you set up the product. Also, set up a guest network on your router exclusively for your Internet of Things devices. This is important so that you can keep the sensitive personal information you have on your computer or cell phone from being accessible through a hacking of any of your Internet of Things devices.
Configure network firewalls to block traffic from unauthorized IP addresses and disable port forwarding. Make sure that you install the latest security patches as soon as they become available. Use encryption software for the transmission of data and find out where data is stored and what steps are taken to secure the information.
Make sure your router is secure and use its whitelisting capabilities which will prevent your device from connecting to malicious networks. Routers are a critical part of your smart home security. Make sure it will automatically download and install the latest security updates from its manufacturer. If your router is an older router that does not have this capability, you can check the manufacturer’s website regularly for the latest updates, but frankly, you are probably better served by getting a newer, more secure router. Make sure you have a unique password for each of your Internet of Things devices and use dual factor authentication whenever you can for all of these devices.
If you are not a subscriber to Scamicide.com and would like to receive daily emails with the Scam of the day, all you need to do is to go to the bottom of the initial page of http://www.scamicide.com and type in your email address in the tab that states “Sign up for this blog.”