(Eric Lieberman, The Daily Caller News Foundation) – A university’s IT staff recently battled a concerted assault piped and coordinated through smart, web-capable vending machines, light bulbs, and other devices, according to a Verizon report.
A senior member of the institution’s IT security team was the first to identify the problem after receiving a number of student complaints about slow or inaccessible network connectivity.
The university, which isn’t named in Verizon’s report, then contacted the Verizon RISK (Research, Investigations, Solutions and Knowledge) Team in order to determine the culprit.
The servers on the internet tasked in handling the web address management, also called Domain Name System (DNS), were inundated with a number of requests from internet-connected devices. DNS is essentially the yellow pages of web addresses.
“The name servers … were producing high-volume alerts and showed an abnormal number of sub-domains related to seafood,” according to Verizon’s Data Breach Digest report.
Verizon’s RISK Team gathered data from the university and the “analysis identified over 5,000 discrete systems making hundreds of DNS lookups every 15 minutes.”
The server requests were coming from the school’s internet of things (IoT) infrastructure, meaning the many everyday devices that are connected to the internet. The servers struggled to keep up with these unusual requests and it slowed down the network.
“Everything from light bulbs to vending machines had been connected to the network for ease of management and improved efficiencies,” the report explains of the school’s makeup. A botnet (a portmanteau of “robot” and “network”) was sending malware (a portmanteau of malicious software, or a virus) to the internet-connected devices, and would change the password–locking the IT staff out of the 5,000 systems.
Rather than directly replace every one of the malware-infected devices, Verizon’s RISK Team was able to inspect the network traffic, “intercept the clear text password for a compromised IoT device” and then perform a password change before the next malware update.
The source of the botnet is not known, but the problem was eventually remediated by deciphering the password that the malware was using.
Educational institutions have been virtually attacked and hacked before.
The University of Calgary was forced to pay 20,000 Canadian dollars (roughly $15,700) last year to hackers who infiltrated the college’s information technology systems. In a very similar situation, a Los Angeles college paid hackers $28,000 to remove infected software from its computer systems after cyber criminals took the school’s data hostage.
In October, a number of popular websites were inaccessible for people living in the Northeast of the U.S. after a botnet overwhelmed nameservers by sending tons of a data over and over again to one place.
Such attacks may be harder to stop after the Obama administration allowed an American corporation’s DNS management contract to expire last year, subsequently leaving power shared amongst several different countries.
Content originally published at The Daily Caller.
Content created by The Daily Caller News Foundation is available without charge to any eligible news publisher that can provide a large audience. For licensing opportunities of our original content, please contact firstname.lastname@example.org.