Connected devices have never been more at risk from attackers

Copyright: glebstock / 123RF Stock Photo

It was because of the growing security risks surrounding these devices last year that a number of internet criminals were able to weaponise them and as a result, take a number of websites and services offline by launching DDoS (distributed denial of service) attacks.

Last year, says Roland Dobbins, principal engineer at Arbor Networks, we saw a number of organisations fall victim to this type of attack including the Rio Olympics. According to Arbor’s latest Worldwide Infrastructure Security Report, the weaponisation of Internet of Things (IoT) devices drove DDoS attack size higher by 60%.

IoT devices are attractive to attackers because so many are shipped with insecure defaults, including default administrative credentials, open access to management systems via the Internet-facing interfaces on these devices, and shipping with insecure, remotely exploitable code. A large proportion of embedded systems are rarely if ever updated in order to patch against security vulnerabilities – indeed, many vendors of such devices do not provide security updates at all.

There are tens of millions of vulnerable IoT devices, and their numbers are growing daily; they’re generally always turned on; they reside on networks which aren’t monitored for either incoming or outgoing attack traffic; and the networks where they’re deployed often offer high-speed connections.

Organisations can defend against DDoS attacks by implementing best current practices for DDoS defence, including hardening their network infrastructure; ensuring complete visibility into all traffic moving through their networks; implementing sufficient DDoS mitigation capacity and capabilities (either on-premise or via cloud-based DDoS mitigation services, or both); and by having a DDoS defence plan which is kept updated and is rehearsed on a regular basis.

xlogo.png.pagespeed.ic.-gPylMLJoqIn particular, ISP and MSSP (internet and managed services service provider) network operators should actively participate in the global operational community, so that they can render assistance when other network operators come under high-volume DDoS attacks, as well as request mitigation assistance as circumstances warrant. Active, continuous cooperation between enterprise network operators, ISPs, and MSSPs is the key to successful DDoS defence.

Roland Dobbins of Arbor Networks

It’s also very important that when measuring DDoS attack volumes, network operators take into account the baseline load of their normal Internet traffic so as to neither underestimate nor overestimate the amount of attack traffic targeting their networks and customers.

The author of this blog is Roland Dobbins, principal engineer at Arbor Networks


Comment on this article below or via Twitter: @IoTNow OR @jcIoTnow

Recent Articles

Dawn of a new internet era: More speed, more devices, but infrastructure is lagging behind

Posted on: December 4, 2020

Increased use of internet services, broader application of IoT devices, and a Covid-related shift to remote work are just a few factors, accelerating the transition to a new internet era.

Read more

5G and Industry 4.0 are the keys to unlocking Europe’s economy

Posted on: December 4, 2020

Economic forecasts across the globe make for grim reading. The coronavirus pandemic when it first hit brought countries to a standstill. In June, the World Bank projected that the global economy was on course to shrink 5.2% over the course of 2020.

Read more