Welcome to the Internet of Evil Things. The attack that disrupted much of the Internet on October 21 is still being teased apart by investigators, but evidence thus far points to multiple “botnets” of Internet-connected gadgets being responsible for blocking access to the Domain Name Service (DNS) infrastructure at DNS provider Dyn. Most of these botnets—coordinated armies of compromised devices that sent malicious network traffic to their targets—were controlled by Mirai, a self-spreading malware for Internet of Things (IoT) devices.
Twitter, Spotify and Reddit, and a huge swath of other websites were down or screwed up this morning. This was happening as hackers unleashed a large distributed denial of service (DDoS) attack on the servers of Dyn, a major DNS host. It’s probably safe to assume that the two situations are related.
As you navigate through Chrome, or Safari, or Firefox, or whatever your browser of choice is, you’re often given an enticing option: Would you like us to save your password? A recent browser beach is a reminder that if you answer yes, you’re taking a risk.
Where is autocorrect when you need it? A spelling mistake was the only thing standing between a group of hackers and the $1 billion dollars they tried to steal from Bangladesh Bank. After the hackers misspelled “foundation” as “fandation” in a wire transfer request, it prompted bank authorities to investigate the veracity of the transfer order. The hackers initiated a series of money transfer requests after stealing credentials the bank uses to authorize electronic transfers.
While the ransomware threat is growing at an alarming rate, many consumers remain oblivious to the dangers posed by this form of malware. It is no wonder that infections are at a record level. And things will only get worse as ransomware creators target new types of devices.