The Oct. 20 cyberattack on major U.S.-based internet domain host, Dyn, was partly carried out using internet-connected devices such as digital recorders and webcams, Dyn’s chief strategy officer said Oct. 21, Reuters reported.
The attackers secretly implanted malicious code in hundreds of devices in the so-called “internet of things” to create a network. The devices were combined with millions of computers to inundate Dyn’s servers with spurious traffic in a method known as a distributed denial of service attack. The cyberattack managed to take down sites including Twitter, Paypal, Reddit, Spotify and numerous media outlets. Both the FBI and U.S. Department of Homeland Security are investigating.
The source of the attack will be particularly difficult to track down given the methods used, but experts are not ruling out hackers sponsored by nation states. The Oct. 20 incident follows closely on a Department of Homeland Security warning last week that manufacturers needed to increase security in internet-connected devices.