Hangzhou Xiongmai Technology, which produces components widely used in digital video recorders and networked security cameras, has acknowledged that vulnerabilities in its products were exploited in Friday's distributed denial-of-service attack on Dyn. Hangzhoul is recalling thousands of devices to aid remediation of the vulnerability.
Security cameras and SOHO routers formed the better part of the Mirai botnet herd that stampeded through Dyn at the end of last week. One IoT vendor, Will Price, founder of Simple Control, told CEPro that it's misleading to call this DDoS incident an Internet-of-things problem. He would rather understand it as a problem with vendors releasing products that aren't properly secured, an issue that's certainly not confined to the IoT. He's got a point, but the combination of widespread deployment, weak security, and user inattention do seem to make the IoT particularly vulnerable to this sort of exploitation.
Attribution of the Dyn attacks remains unclear. The Washington Free Beacon said that US Director of National Intelligence Clapper told it the incident was the work of "a multi-national hacker group." He didn't elaborate, but other sources suggested it was vandalism as opposed to a nation-state attack. (Contrast, however, the Koppel-Alexander dialogue at CyCon.) Anti-virus pioneer, security gadfly, and quandam (we think) presidential candidate John McAfee thinks he knows whodunit: North Korea. He bases this attribution on what he describes as dark web chatter.
One apparent patriotic hacktivist, "Jester," is convinced the Russians are coming. He sent them a message by defacing an old Foreign Ministry site.