On Friday, Oct. 21, a massive denial-of-service (DDoS) internet attack took down major internet services such as Netflix and Twitter.
Friday's DDoS Attack
Internet security experts warn that such an attack might come again at any time and it's recommended that every webmaster should prepare by having adequate counter measures. The attack is being blamed on Mirai, a specific kind of malware that has been particularly designed to harness the power of ordinary consumer devices connected to the Internet of Things. Using a DDoS cyber weapon such as Mirai doesn't require much money and isn't particularly difficult.
The bad news is that hackers recently posted the DD0S malware Mirai online, making it available for anyone who wants to use it for their own attacks. According to security experts, Mirai exploited vulnerabilities in thousands of internet-connected devices such as printers and web cameras and then used those IoT gadgets to attack a major internet company. The DDoS attack resulted in widespread internet outages.
What Made This DDoS Attack So Destructive?
According to The Washington Post, distributed DDoS attacks are not something new, they have been around for years. But what made this latest DDoS attack so destructive is the fact that, thanks to the proliferation of internet-connected lights, thermostats, printers, cameras and more, now hackers have many more devices they can use for their attacks.
Mirai makes it easy for a hacker to scan the internet for IoT gadgets to take over. The malware infected devices can then turn into "botnets" for launching coordinated attacks. Most of the junk traffic directed on Dyn in Friday's DDoS attack came from internet-connected video-recording devices and cameras that had components with little security protection, made by a Chinese company.
Are More Attacks Coming?
Should we expect more DDoS attacks coming in the near future? Most internet security experts agree that it's just a matter of when not if. Hacker groups have threatened targets ranging from major corporations to the U.S. presidential election and the Russian government. And it's most likely that these are not just empty threats and those groups are actually capable of taking down and website they target.
In light of the continued growth of IoT-connected devices and the inadequate security for them, experts say that more attacks are inevitable. The solution consists in increasing device security at the hardware level. In fact, these DDoS attacks aren't sophisticated and they can be avoided with the proper precautions in place.
On Monday, Oct. 24, the Department of Homeland Security announced that it's been working on making a list of recommendations for the proper security practices for internet-connected gadgets. The DHS will release these recommendations in the coming weeks.
How To Protect Against DDoS Attacks?
Fortunately, DDoS attacks are still relatively infrequent. But if you are having troubles checking your email or connecting to Facebook, there are good chances you might experience another DDoS attack. In order to pinpoint the problem whenever you're unable to do something online, you can rely on some easy troubleshooting steps. For example, if your mobile phone cannot connect, you can check your laptop. If your smartphone can't connect you can also try to disable its Wi-Fi, forcing it to switch over to 4G LTE.
According to CNET, assuming you can finally get connected that way, then you'll know that it's either a provider issue or a router issue. Sometimes, resetting the router and modem can restore your net connection. You can also try check on specialized websites such as Downforeveryoneorjustme.com and CurrentlyDown, in order to quickly determine if a particular destination like Twitter or Facebook is having an outage.
It's a good idea to also have a local backup. Configure your cloud service like Google Drive or Dropbox to sync with local folders. This will ensure that your files and documents will remain accessible even if you are not able to get online. Or just rely on desktop software that stores documents locally.
Also ensure that you have various ways to contact people. It's true that modern relationships rely more and more on online communication tools such as WhatsApp, Facebook Messenger, Skype, or email. But a DDoS attack could make all those tools useless. Make sure to be able to connect with your contacts even if the internet is down by keeping an address-book entry that includes home, work and mobile phone numbers as well.
Finally, if you need to reach a website affected by DDoS attack, you can try one more thing. This is like switching to a different delivery system. By changing the Domain Name System (DNS) server on your device, you may be able to connect to the affected site.