Someone Is Learning How to Take Down the Internet

https://www.schneier.com/blog/archives/2016/09/someone_is_lear.html

A telling article. In the comment section, someone mentioned the attacks could be in preparation for Election Day. I had those same thoughts yesterday morning when I couldn't log in to Twitter for my morning #trumpbookreport fix. It makes one wonder about the timing. A coincidence?

Very scary.

Because I want to be able to control my refrigerator and home heating system at work from my Smart Phone, and view an IP camera image of my front door via my smartphone, and monitor my toast status while I'm on the toilet via my smartphone, Tech Companies compete to sell me the most user-friendly Internet-Of-Things enabled hardware.

If your hardware requires me to spend upwards of 5 minutes setting it up, I will not buy it. Sorry - I'm not a computer nerd. That's 5 more minutes of Smart things I could be doing, wasted.

If my competitor is making a SmartFridge that requires 0 minutes to set up, allowing customers open access to it anywhere in the world with the factory default password and port settings, they will sell more units. I will spend too much on software engineers and legal fees defending my internet protection standards, and quickly go out of business. Or I can do what everyone else does and throw OpenWrt or some other general license system on it and stay afloat.

So what happens when you have 10-50 million internet-enabled devices with default low-security settings occupying American homes?

royg said:

So what happens when you have 10-50 million internet-enabled devices with default low-security settings occupying American homes?

It's a fair question, one that engineers ought to keep in mind all the damned time. Fortunately, there are breakthroughs that dissolve the normal assumptions. The assumption here is that there is a tradeoff between security and convenience. Innovative software gives us both without unreasonable sacrifice. Look at the home routers on the market now. They do not leave wifi networks open by default, and Jane and Joe Average manage to get them up and running.

Yes, but..my teen just spent some time on it this morning, and found a possible pattern of repetitive attempts which our router software categorizes as possible DDOS attacks.

Our newish (a few year old) router does not leave the wifi network open by default, and was easy to install. Great. But the wifi network protection is not the same as the internal protection on the device. The account which is used to edit the router settings was still set at "admin" and "password" since the easy-peasy installation instructions didn't mention anything about changing it for security. Now it is changed.

So the easy and "secure" installation protected us from our neighbors, but not from unauthorized access via our cable modem connection. Still not clear on how big an issue that is. We've removed Skype, rebooted the router, and will check again tomorrow to see if we still have the same pattern of repetitive access attempts.

Not terribly concerned, but keeping track of my teen's research on what is going on.

I can understand that it's initially hard to believe that many American homes have insecure IoT devices in them

Until I say these words: Chromecast - KODI - Roku - Fire Stick

frankly, not being able to watch episode III of Stranger Things wasn't such a loss. I spent some quality time with my dogs and my kids. I might send them a thank you note.

susan1014 said:

Yes, but..my teen just spent some time on it this morning, and found a possible pattern of repetitive attempts which our router software categorizes as possible DDOS attacks.

Our newish (a few year old) router does not leave the wifi network open by default, and was easy to install. Great. But the wifi network protection is not the same as the internal protection on the device. The account which is used to edit the router settings was still set at "admin" and "password" since the easy-peasy installation instructions didn't mention anything about changing it for security. Now it is changed.

So the easy and "secure" installation protected us from our neighbors, but not from unauthorized access via our cable modem connection. Still not clear on how big an issue that is. We've removed Skype, rebooted the router, and will check again tomorrow to see if we still have the same pattern of repetitive access attempts.

Not terribly concerned, but keeping track of my teen's research on what is going on.

The administrative interface of your router (the one that uses "admin" and "password") is accessible only from the internal network (LAN), not the external one (WAN), unless you explicitly change that setting, so you are not vulnerable in that way.

@Tom_Reingold Thought of your Oct. thread this morning after reading this NPR story regarding the CIA hacking assessment.

The author from the September blog post above indicated that the hacks were leading him to believe espionage or intelligence gathering due to the frequency, persistence, and complexity of the DDoS hacking. His idea that the hacks were a possible calibration of weaponry in case of cyberwar seem more legitimate each day and especially so after the 2016 election.

I'm sure we do the same in the other direction, but that's not really comforting.