How Your Smart Devices Could Be Part of a Cyberattack

On May 20, KrebsOnSecurity, a popular and widely-respected cybersecurity blog, was hit by a DDoS attack. Here’s the part you might not expect: your smart TV, your fridge, or even your baby monitor could have been part of that attack.

What’s a DDoS Attack?

A distributed denial-of-service (DDoS) attack is like a traffic jam on the internet. Attackers flood a website or service with so much junk traffic that it can’t handle real requests, so it crashes. DDoS attacks are often used to shut down corporations the attackers don’t like, or even entire governments. And they keep getting bigger. Why? Just like traffic jams have gotten worse because there are more cars, DDoS attacks have gotten larger because the botnets behind them are growing.

Wait… what’s a Botnet?

A botnet is a bunch of devices — computers, servers, and IoT (Internet of Things) devices — that have been infected with malware. The malware hides in the background, doing nothing... until the bad actors flip the switch. Then, all those devices flood a target with traffic, overwhelming it and making it crash.

It’s annoying when this happens to a blog site. It can be catastrophic if the target is, say, a power plant.

So how do bad actors build these botnets? They spend time, money, and effort infecting more and more devices. Then, they rent out the botnet to other criminals, like a “cybercrime-as-a-service” model, for a tidy profit.

Could My Devices Be Part of a Botnet?

Possibly. If it’s connected to the internet, it could be part of a botnet. That includes your phone, computer, your thermostat, smart TV, security cameras, smart fridge, even your smart speaker. Every “smart” thing you own is connected to a network, and if you don’t lock it down, it can get roped into a botnet and used in attacks like the one that took down Krebs.

How Can I Protect My Devices?

Every “smart” thing you own is a potential doorway for hackers. To keep your devices safe:

1. Check your device manuals for security settings.

2. If you’re not sure how to secure it, check online, or call customer support and ask.

3. Stay tuned. We’ll have more details on how to lock down your smart stuff in upcoming posts.

For now, know this: when you secure your devices, you’re doing your part to make the internet a safer place.