The 7 devices in your home that could be used for next DDoS attack
More than 10 million devices hooked up to the internet of things (IoT) were hacked in a Friday attack that slowed a huge swath of the internet to a crawl.
The next time that happens, your device could be one of them (if it wasn't already).
Research conducted by ForeScout Technologies, an IoT security company, found seven home smart devices connected that can be hacked in 180 seconds and may be weaponized in the future.
You May Also Like
Those devices include smart refrigerators, smart lightbulbs, video conference systems, VoIP phones, printers, security systems and climate control meters.
"While [internet of things] devices make it possible for organizations to run faster and more efficiently, they are too often used with little regard to their security risk," the authors of the ForeScout report wrote. "The rush to deliver new types of IoT technologies sacrifices security – almost 100 percent of the time."
Many smart devices are manufactured with default passwords that are easy for hackers to get through.
"Once a hacker takes advantage of it and gains access to the device, he or she can move around and do anything as the root user, such as planting a permanent backdoor," Samy Kamkar, a famous hacker and security researcher said in a video accompanying ForeScout's research that demonstrates how hackers gain access to IoT devices.
Then, the hacker can come back to the device whenever she wants.
Friday's digital assault was what's known as a distributed denial of service (DDoS) attack. This occurs when a hacker sends so much data at a website that the server can't handle the flow, preventing normal users from accessing the site.
Last week's attack was directed at Dyn, which provides domain name services to many of the most popular sites on the web, such as Twitter and Spotify. Because Dyn is a necessary part of the infrastructure for so many sites, much of the internet was either sluggish or largely inaccessible as the attack went on.
The hacker behind the attack broke into millions of digital video cameras and digital video recorders and used them to flood Dyn with junk data.
With about 6.4 billion connected devices around the world today and an expected 20 billion connected devices around the world by 2020, we can expect to see more huge DDoS attacks that take advantage of security vulnerabilities in devices hooked up to the internet of things.
Hackers can also use their access to conduct smaller attacks, too. If they gain access to a climate control system, they're free to set the temperature to whatever they want. If a hacker gets ahold of a video conferencing system, they could record what takes place where the system is located.
Blocking access to your devices is not always possible, but can be as simple as rebooting them and resetting the passwords.
Resetting a device to factory settings can delete any malware that's already embedded. Once that happens, searching the web for the make and model of your device should yield a user and password combination along with a web address you can then key into a browser. That should turn up the device's administration panel.
But not all devices can be saved. Some manufacturers have simply left too many doors open to potential hackers, meaning they are vulnerable for use in the next huge DDoS attack.
Colin is Mashable's US & World Reporter. He previously interned at Foreign Policy magazine and The American Prospect. Colin is a graduate from Columbia University Graduate School of Journalism. When he's not at Mashable, you can most likely find him eating or playing some kind of sport.
