Photographee.eu - Fotolia
In this Risk & Repeat podcast, SearchSecurity editors discuss the DDoS DNS attacks on Dyn and what they mean for DNS providers, IoT device manufacturers and enterprises.
The major DDoS attacks on DNS provider Dyn Inc. last week have raised new concerns about how insecure IoT devices can be used for malicious purposes.
The domain name system (DNS) DDoS attacks caused problems for Dyn and intermittently disrupted major websites such as Netflix, Amazon, Twitter, Reddit and others. While Dyn eventually repelled the attacks, the company announced that, with the help of cybersecurity firms Akamai Technologies and Flashpoint, they learned that "tens of millions of discrete IP addresses associated with the Mirai botnet were part of the attack." The Mirai botnet was used last month to conduct powerful DDoS attacks against several targets, including the website of infosec journalist Brian Krebs, using thousands of compromised IoT devices.
The question of who was behind the DNS DDoS attacks last week, and what the motivation was, is still unanswered. But the attacks follow a trend of poorly protected and vulnerable IoT devices being used for malicious purposes.
How can enterprises and DNS providers prepare for such attacks? What is the responsibility of IoT device manufacturers? And what, if anything, can be done to stop Mirai and other types of IoT malware? In this episode of SearchSecurity's Risk & Repeat podcast, editors Rob Wright and Peter Loshin discuss those questions and more on the topics of IoT security and DDoS attacks on DNS providers.
Risk & Repeat: IoT attacks raise enterprise security concerns
Risk & Repeat: Russia accused of state-sponsored cyberattacks
Risk & Repeat: Yahoo security criticized following data breach