DDoS via the Internet of Things – the first wave of attacks?

Laurence Pitt of Juniper Networks

In the last year, we’ve all heard of the Mirai malware, but did you know that Mirai is Japanese for ‘the future’? And that’s what I believe we are seeing: The future of cyber-attacks.

This doesn’t mean that everything else goes away, says Laurence Pitt, Juniper Networks Security Strategy director for Europe, the Middle East and Africa (EMEA). There will still be phishing attacks, socially engineered access and advanced persistent threats, but these are costly to develop and with distributed denial of service (DDoS) in IoT, the bad guys seem to have found a simple and successful business model to raise needed funds:

Develop malware à Use in high profile attack à Monetise threats with service model

There’s no law of supply and demand on the Dark Net; threats exist as code and can be downloaded, modified and used by any number of people. This was demonstrated successfully with the DDoS attacks in late 2016, where major attacks were almost immediately followed by hundreds of ‘copy-cat’ attacks.

There were wasted, precious cycles as incident response teams needed to spend time on identification – creating a smokescreen which allowed the original attackers to quietly disappear.

So, what do I mean by this blog title: “DDoS via IoT – the first wave of attacks?”

I’m not saying that we are going to see millions of DDoS attacks in 2017. Rather, I think that the malware groups are now at the monetisation stage, selling botnets-as-a-service (BaaS) on the Dark Net, making license revenue for further research.

The hacker who developed and recently released the Mirai source code subsequently blogged, “I made my money, there’s lots of eyes looking at IoT, so it’s time to go.” This statement is the basis for my prediction: The DDoS and Botnet attacks in 2016 were the first wave, gathering intelligence and generating revenue which will now be used to develop and propagate advanced and complex IoT Next Generation malware.

What might we see next? We’re starting to see new developments already. Just in the last months, we have seen an American university’s network disrupted by a combination of vending machines and lightbulbs! Next could easily be a botnet with embedded ransomware taking control of an office building and delivered as an automated attack – holding business to ransom – demanding payment literally to turn the lights back on.

These attacks are coming and until security for IoT catches up, they will remain a risk. So, what can we do to become safer and not come home to find the espresso maker that made coffee at breakfast has become a cyber-mastermind by dinner?

    • Mirai is simple to remove and it’s likely that attacks of the future will be too. Think about regularly power-cycling for IoT around the home and office – this will include network routers, bulbs and that coffee machine. You should at least perform the classic IT ‘switch it off and on again’ every week or so, but if you feel that things are slowing down, consider a full configuration reset which, if infected, will delete the malware.
    • Strong passwords. I cannot say this enough. The default password is not strong because it is the default. Neither is your car registration or cat’s name, both of which are probably available on social media. Create strong passwords, and change them every 60-90 days.
    • Create separate Wi-Fi networks for IoT. For business, the adoption of SDSN* (Software-Defined Secure Networks) allows granular control of both the network and the traffic flow. When combined with automation, this means that, should a breach occur, it’s simple to quarantine and without putting business data at risk.
    • Keep protecting endpoints. I cannot over-emphasise the importance of advanced anti-virus software. However, for IoT, this is not currently feasible as these devices do not have the capability or power to run A/V. So, in addition to endpoint protection, understand what data you have on the network and run Sky Advanced Threat Prevention for the fastest identification and mitigation against a threat when it occurs.

Finally – be vigilant. In a conversation with a colleague at RSA 2017 recently, we mused over the story of the university being taken offline when there had been multiple, but ignored, reports of network performance problems.

If your network slows down, if applications seem to be misbehaving, don’t put this down to ‘Monday/Friday’ traffic, as it could be the next big national news-worthy breach infiltrating your network!

SDSN is a Juniper Networks platform to ensure security is built into physical and virtual networks, rather than just added on, as is typical of most network security today.

The author of this blog is Laurence Pitt, Juniper Networks’ Security Strategy director for Europe, the Middle East and Africa (EMEA)

Comment on this article below or via Twitter: @IoTNow_ OR @jcIoTnow

FEATURED IoT STORIES

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, iot home automation is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more
RECENT ARTICLES

5G to generate 77% of global operator revenue by 2026

Posted on: December 1, 2021

Hampshire, UK. 30th November 2021 – A new study from Juniper Research has found that revenue generated from 5G services will reach $600 billion (€530.34 billion) by 2026; representing 77% of global operator-billed revenue. It found that the adoption of 5G services across consumer and IoT sectors has been driven by a strong uptake of 5G-capable devices, coupled

Read more

IoT CMP vendors add eSIM management capabilities to simplify logistics and localise connectivity

Posted on: December 1, 2021

Gothenburg, Sweden. 30 November 2021 – Berg Insight, the IoT market research provider, released new findings about the market for IoT connectivity management platforms (CMPs), a standard component in the value proposition from mobile operators and IoT MVNOs around the world. Recent developments in the domains of network virtualisation, SIM technology and LPWA networking are

Read more