Was Friday's massive hack mounted through BABY MONITORS? Investigators say attack could have relied on internet-connected household items to flood servers with traffic

  • Baby monitors and household items used in Friday's crippling server hack 
  • Early investigations say 'internet of things' were weaponized by attackers 
  • Almost 500,000 gadgets could have been used in hack
  • Items infected with Mirai malware flooded Dyn's servers to overload them 
  • Experts say at least 10 per cent of those items appear to have been used

Hackers that wreaked havoc across the US on Friday by shutting down major websites could have relied on household items to take down servers.

Early investigations into the attack that crippled websites across the US and in some parts of the UK on Friday found the 'internet of things' could have been used to overload servers at Dyn - the company that was targeted.

The shocking development revealed almost 500,000 items were potentially at risk of being activated without their owners' knowledge, with everything from baby monitors, DVRs, security cameras, and other gadgets turned into cyber weapons.

Internet users across the globe were hit throughout the day as 'several' massive cyber attacks hit a DNS service provider. This image shows problems reported with Level 3, a business service provider.

This is a map showing the areas hit by the reported outages.

'The complexity of the attacks is what is making it so difficult for us,' Kyle York, the company's chief strategy officer, said. 

'This is not your every day attack.'

Dyn's general counsel, Dave Allen, later confirmed that much of the traffic being used to take down servers was coming from internet-connected devices infected with a type of malware known as Mirai.

An online security expert explained how at least 45,000 'internet of things' objects were used in the attack on Dyn.

Early investigations suggest the 'internet of things', which includes baby monitors, was used by the hackers to overload servers (stock image)

Dyn's chief strategy officer Kyle York said on Friday: 'This is not your every day attack'

Dale Drew, chief security officer at Level 3 Communications, said so during a livestream on Friday, before saying the total number of infected items has almost doubled in just one month. 

The alarming new information comes after Wikileaks revealed it thought its supporters were behind the hack.

The group sent out a tweet on Friday night reading: 'Stop taking down the US internet... Mr Assange is still alive and WikiLeaks is still publishing.'

It then tweeted: 'The Obama administration should not have attempted to misuse its instruments of state to stop criticism of its ruling party candidate.'

The Ecuadorian government switched off Assange's internet service in its UK embassy Sunday after he released another tranche of emails showing the contents of a speech given by Hillary Clinton to Goldman Sachs.

Pictured is a map from Down Detector of the first attack, which mostly affected the east coast of the US, and many services were restored in about two hours

Pictured are maps showing the attacks, with the most damage being done in the US. However parts of South America, Mexico and the UK were also hit

WHAT IS A DDOS ATTACK?

DDoS attacks are a primitive form of hacking using botnets - networks of computers that hackers bring under their control.

They do this by getting users to inadvertently download software, typically by following a link in an email or agreeing to download a corrupted file.

Even smart home gadgets such as connected cameras and DVRs can be taken over in this way. 

These botnets are then used to bombard the servers with simple requests for information carried out simultaneously, causing them to become overwhelmed and shut down. 

WikiLeaks accused John Kerry and the US Government of asking Ecuador to shut down Assange's internet connection, but the South American country denied it came under any pressure from the US or any other government.

Despite WikiLeaks' claims its supporters were behind the attacks, members of a shadowy collective that calls itself New World Hackers claimed responsibility via Twitter.

They said they organized networks of connected 'zombie' computers called botnets that threw a staggering 1.2 terabits per second of data at the Dyn-managed servers.

'We didn't do this to attract federal agents, only test power,' two collective members who identified themselves as 'Prophet' and 'Zain' told an AP reporter via Twitter direct message exchange.

A chart shows Twitter outages over the last 24 hours with a huge peak later in the day

A number of major sites including Spotify are down in an internet outage. Internet infrastructure provider Dyn said this was due to an ongoing interruption of its network. Pictured is a chart of Spotify outages reported in the last 24 hours on Down Detector

WHAT ARE DOMAIN NAME SERVERS USED FOR? 

Anonymous in 2010 targeted the DNS provider EveryDNS as retribution for denying service to WikiLeaks

Domain name servers are a crucial element of internet infrastructure, converting numbered Internet Protocol addresses into the domain names that allow users to connect to internet sites. 

The loose-knit hacktivist network Anonymous targeted the DNS provider EveryDNS, among others, in 2010 as retribution for denying service to the anti-secrecy organization WikiLeaks.

Though such attacks are not uncommon, Friday's incident immediately underscored the interconnected vulnerabilities for large portions of the internet, with brand-name companies affected by an attack on a single company.

'The internet continues to rely on protocols and infrastructure designed before cyber security was an issue,' said Ben Johnson, a former engineer at the National Security Agency and founder of the cyber-security company Carbon Black. 

The White House slammed the attack on Friday, calling it a malicious disruption.

Internet service company Dyn, which controls the 'address book' of the internet for dozens of major companies, said that it had suffered its first distributed denial of service (DDoS) attack shortly after 6AM ET (11AM BST), in an attack that mostly affected the east coast of the US.

It told CNBC the attack is 'well planned and executed, coming from tens of millions of IP addresses at same time.'

It confirmed a second attack at 1PM ET, which appeared to be centered on UK servers, and later said 'several' attacks were underway on servers across the globe, with the west coast being particularly badly hit. 

WHO WAS HIT BY THE ATTACK? 
Thousands of sites were hit, including:

Twitter
Reddit
Spotify
Etsy
Box
Wix Customer Sites
Squarespace Customer Sites
Zoho CRM
Iheart.com (iHeartRadio)
GitHub
The Verge
Cleveland.com
hbonow.com
PayPal
Big Cartel
Wired.com
People.com
Urbandictionary.com
Basecamp
ActBlue
Zendesk.com
Intercom
Twilio
Pinterest
Grubhub
Okta
Starbucks rewards/gift cards
Storify.com
CNN
Yammer
PlayStation Network
Recode
Business Insider
Guardian.co.uk
Weebly
Yelp

Dyn said Friday evening a third cyber attack 'has been resolved'.

The cyber attack meant that millions of internet users could not access the websites of major online companies such as Netflix and Reddit as well as the crafts marketplace Etsy and the software developer site Github, according to media reports.

The website Gizmodo said it had received reports of difficulty at sites for media outlets including CNN, The Guardian, Wired, HBO and People as well as the money transfer service PayPal.