Like many of you, I was “inconvenienced” by the DDoS (Distributed Denial of Service) attack that took down internet address-translation service Dyn last week. Personally, when I realized that many of my customers’ websites were off line – and there was nothing I could do about – I took the rest of the afternoon off. But, when I soon learned that the event has been caused by the hijacking of tens of thousands of simple devices, including wireless routers and IoT (Internet of Things) devices, I started to panic.
Just days before I had installed a new Phillips Hue light system in my apartment. Was it I who broke the Internet?
Indeed in one article I had read, the Phillips Hue light system was cited as one of the bad boys out there because they have not “taken security seriously.” I almost yanked the system out of the wall and scurried around to find some different light bulbs!
Today, I found this article that has relived my guilt and assuaged my fears. Although Patrick Nelson’s article, “Residential routers easy to hack” did initially raise my blood pressure, I quickly found a reference to something called “the Internet of Things Scanner, powered by BullGuard, (which) allows users to check if devices on a network are publicly accessible from the internet.” While not a service to give me a completely clean bill of health, the quick scan did indeed determine that there were no bad actors in my light bulbs – or at least that is what I have determined.
In looking at this issue and all of the associated articles spewing paranoia – like we need more of that in this election season – it appears that much of this comes down to good old human behavior. The biggest fault we have is laziness and complacency. Granted, 99% of the population of people who have wireless routers in their homes and office do not even know there is a way to login and access the backend of the device. But for the few of us who do, how many have not bothered to change the default password and username? I actually did when I purchase the Motorola gateway a few years ago. But, then again, I am a bit of a password nut who regularly drives friends and family crazy with my clever passwords for the millions of devices and applications I own and run.
Oh, and then take the rest of the day off. You deserve it!