On October 21, 2016 a number of large websites suffered extended outages due to a Distributed Denial of Service (DDoS). Those websites included Amazon, Netflix, Twitter, and more. A worm, similar to those that have infected as many as 200,000 Internet of Things (IoT) devices like routers, DVR’s, IP cameras and the like so far, was the mechanism behind this attack.
A worm is a special piece of malware that infects vulnerable systems for use in DDoS and other attacks. This worm and others like it continue to spread to unprotected IoT devices and computer systems.
So how do you protect your personal or company IoT devices and computers from such a worm?
- Always change the default password on routers and other IoT devices.
- Always keep your firewall up plus anti-virus and anti-malware up to date.
- Make sure to install all O/S Security Updates promptly.
- Since the worm can be injected by a Dropper program, Stu Sjouwerman of KnowBe4.com suggests, blocking the “TCP port 4636 because that is the port that’s being used to grab the second download.” Be sure to consult a computer professional if you are not sure how to accomplish this step.
For more details, check out Researchers Discover New Malicious IoT Worm .
To learn more about the DDoS attack, go to Who is Learning to Take Down the Internet.