Finnish Residents Briefly Left in Cold After DDoS Attack

Per Motherboard:

Simo Rounela, CEO of Valtia, a Finnish company that manages the buildings, told Motherboard that the attack hit a DNS service; that is, servers that translate human-readable internet domain names into computer IP addresses.

Shortly after, Valtia received a number of alerts from one of their building’s automation systems, made by a company called Fidelix.

“Remote connection was not working, so went on-site for more inspections,” Rounela explained. The automated system controlling the heating, ventilation and hot water for the homes kept rebooting every 5 minutes. Eventually, it just didn’t boot-up anymore, he said.

We generally don’t understand the full impacts of connecting things to the Internet; it’s a hugely complex system that we can’t easily ‘fault test’ without breaking a lot of different services and systems. The result is that an attack on one aspect of the Internet – such as the DNS infrastructure – can have unexpected impacts around the world. It’s this potential for untold, and cross-national, impacts linked to cyber attacks that makes many of them so risky and dangerous to the general public.


How hard is it to hack the average DVR? Sadly, not hard at all

Ars Technica:

Johannes B. Ullrich, a researcher and chief technology officer for the SANS Internet Storm Center, wanted to know just how vulnerable these devices are to remote takeover, so he connected an older DVR to a cable modem Internet connection. What he saw next—a barrage of telnet connection attempts so dizzying it crashed his device—was depressing.

“The sad part is, that I didn’t have to wait long,” he wrote in a blog post published Monday. “The IP address is hit by telnet attempts pretty much every minute. Instead of having to wait for a long time to see an attack, my problem was that the DVR was often overwhelmed by the attacks, and the telnet server stopped responding. I had to reboot it every few minutes.”

The Internet of Things should, at this point, mostly be renamed the Internet of Threats.


Brace yourselves—source code powering potent IoT DDoSes just went public

Brace yourselves—source code powering potent IoT DDoSes just went public:

Both Mirai and Bashlight exploit the same IoT vulnerabilities, mostly or almost exclusively involving weakness involving the telnet remote connection protocol in devices running a form of embedded Linux known as BusyBox. But unlike Bashlight, the newer Mirai botnet software encrypts traffic passing between the infected devices and the command and control servers that feed them instructions. That makes it much harder for researchers to monitor the malicious network. There’s also evidence that Mirai is able to seize control of Bashlight-infected devices and possibly even patch them so they can never be infected again by a rival botnet. About 80,000 of the 963,000 Bashlight devices now belong to Mirai operators, Drew said.

Next time you see a vendor sell you something that can be connected to the Internet, be sure to ask:

  • How long will you be providing support for this product?
  • How will you be pushing security updates to this product?
  • What mitigation strategies have you implemented to ensure that a third-party doesn’t take control of this product?
  • What will you do to help me when this device is compromised because of a vulnerability in this product?

I can almost guarantee that whomever is selling the product will either look at you slackjawed or try to use buzzwords to indicate the product is secure. But they will almost certainly be unable to genuinely answer the questions because vendors are not securing their devices. It’s their failures which are have created the current generation of threats that the global Internet is just now starting to grapple with.


The cyberpunk dystopia we were warned about is already here – Versions

The cyberpunk dystopia we were warned about is already here:

It seems that what companies like Cisco and app developers and startups seem to forget is that people can tell the difference between transformative innovation and shopping. Bogost adds: “It’s time to admit that the Internet of Things is really just the colonization of formerly non-computational devices for no other reason than to bring them into the fold of computation. […] Operational benefit is deemphasized in favor of computational grandstanding, data collection, and centralization.”

The best definition of the Internet of Things I’ve come across in a while.