With all the power and possibilities the Internet brings to us, there is also a dark side -  a fact that we can neither neglect nor deny. To sum it up in phrases, we could say "with great power comes great responsibility" or "where there is light, there is also shadow": The latest attack struck Wikipedia and lead to a massive DDoS, making the online encyclopedia quite difficult to access this night.

Waking up this night, I tried to visit Wikipedia (things you usually do when your baby girl prevented you from a normal sleep rhythm) and wondered why neither the app nor the site was working properly. Fortunately, sleep caught me again before I could deal with further investigations but this morning I learned that especially Wikipedia Germany was struck by a massive DDoS-attack. This attack is told to have used numerous insecure IoT-devices to bog down the site and services. Wikimedia Germany issued a statement shortly after the site went down on Twitter.

Also the French site and its derivate in the UK are told to have been affected as well for a specific time. The attack is told to have lasted for nine hours and spread from the American continent to other instances of Wikipedia.

At the moment is seems as if the attackers have used combined and numerous insecure IoT-devices that were hijacked and turned into an unified "DDoS-army". Mentioning this, you can clearly see the shadows of today's IT world - especially if you use cheap IoT-devices that aren't secured at all: For example, many user won't change standard admin credentials on these devices (which are often quite insecure, too) or those devices use plain Telnet access to get managed - even in 2019.

The Internet of Things

Yes, this is a good chance to review your setup of IoT-devices in your own home. Is in- and outgoing traffic regulated by a firewall? Do those devices communicate over standard, unsecure ports? Are the default credentials still active? For example, I once had the chance to test a robot vacuum cleaner that generated more DNS-entries in one hour than the rest of the household on one day. By regulating this traffic I discovered that it communicated all the time to a specific Alibaba-Server in Frankfurt, Germany by pushing out those DNS-queries. After blocking this, the mobile app to control the robot didn't work anymore so a specific rule allowing this device to only reach this IP on TCP-port 53 gained a good compromise between security and mobile orchestration.

"With great power comes great responsibility" so we should take nothing for granted - even not the ability of accessing the world's largest and free online encyclopedia. Use this event as your personal remembrance to review your IoT-devices and your home network before they may (unwillingly) be part of an army of hijacked devices, bogging down services that we all benefit from!