Friday’s massive outages (affecting Twitter, GitHub, and Spotify, among others), were caused by a DDoS attack, with requests originating from Internet of Things (IoT) devices. These included devices such as CCTV cameras and digital video recorders, which made a flood of requests to Dyn, a DNS service.
The New Stack article, linked below, discusses the DDoS attack, as well as some possible steps for remediation of IoT security issues (as discussed by a Stream Conf 2016 panel last month).
Among the recommendations:
- Data level certificates for all devices
- Configuring devices so they’re not always on
- Building in strong update mechanisms
Follow the link below for the complete article from The New Stack: