Digital transformation and distributed denial of service

Cyberthreats are intimately tied up with digital transformation. An unfortunate irony of innovation, says Ashley Stephenson, CTO of Corero Network Security, is that the developments that benefit us, will also furnish attackers with new ways to exploit us.

What often happens in IT is that a new technology emerges which unleashes compelling new capabilities. These technologies are hungrily acquired by enterprises and consumers alike. However, the market and competitive demands for new features can grow so fast that security considerations are forgotten or ignored, and security design implications may not be fully worked out. DDoS (distributed denial of service) attackers always try to find ways to use these new technologies for their own end, and as a result, many businesses may find themselves vulnerable.

The Internet of Things (IoT)

There is no better example of this than the IoT. It is already unleashing transformative possibilities in the world. For consumers, space-age smart homes are now a reality and products like Amazon Alexa are bringing the fantasies of yesteryear into the here and now. For industries, IoT devices are ushering in Industry 2.0, furnishing them with new ways to collect information, differentiate offerings and create new products and services. Smart Cities will be replete with IoT devices which – in conjunction with other technologies like 5G – will be embedded within the infrastructure of cities of the near future to support a range of municipal functions such as traffic organisation, energy saving and waste management. It’s easy to understand why the IoT is popular, but in its short existence it has already become a key vulnerability for organisations and a key vector for attackers.

There are recurring design problems within the IoT, which keep providing easy ways for attackers to exploit new devices or the networks to which they are attacked. Many IoT devices use weak encryption, others cannot be updated, and devices have often been installed with their default passwords.

It was this kind of common vulnerability that was leveraged by the Mirai botnet to take down large parts of the internet just a few years ago. Mirai was able to use DDoS on major pieces of internet infrastructure including companies that hosted some of the most popular websites on the internet and by some accounts, the entire internet of the country of Liberia.

“… the reliably vulnerable ocean of IoT devices on the internet.”

It did so with a vast botnet of IoT devices it had pressed into its service. The Mirai malware would scan for devices and when it found one it would make a brute-force guess at the device password using a small library of commonly used IoT credentials. The Mirai controller managed to corral thousands of devices, using a technique called bot-herding, into the Mirai botnet and break successive DDoS records with this simple strategy and the reliably vulnerable ocean of IoT devices on the internet.

Mirai still exists and variants are emerging all the time, such as Mozi. Indeed, according to the ENISA threat landscape report, Mirai variants grew by 57% in 2019. The IoT is growing at an even greater pace and although security may have improved, there is still a rich ecosystem of vulnerable IoT ready to be pulled into DDoS botnets.

DDoS attack power has been increasing year-on-year and the growth of IoT plays a part in this. According to one report from IoT Analytics, there will be well over 25 billion IoT devices around the world by 2025. Another 2021 report from Nokia Deepfield judges that explosion of IoT devices to be directly “fuelling the DDoS fire” and allowing DDoS attacks to potentially reach new heights of more than 10 Terabits per second.

Remote technologies

The IoT might fuel DDoS attacks, but other developments make us more susceptible to DDoS attacks. As remote work becomes a mainstay of modern working, we’re relying on uptime more than we ever have before.

Covid forced countless workers into remote work, compelling them to rely on technologies like VPN to enable secure connections between their homes and their office networks. DDoS attackers seized on this opportunity to exploit the separation between worker and workplace. Kaspersky noted that DDoS attacks doubled in the first quarter of 2020, and tripled in the second quarter, just as remote work was becoming the new normal.

At the same time, attackers have found ways to actually exploit the tools remote workers rely on to launch DDoS attacks. OpenVPN servers have been a favourite of DDoS attackers in recent years by sending fraudulent request messages from a spoofed victim IP, vulnerable OpenVPNs will send multiple response messages back to the victim IP thus generating an amplification style DDoS attack. This not only damages the intended target but degrades service for any legitimate users of the vulnerable OpenVPN servers utilised in the attack. These attacks have been so popular that a recent Corero report has revealed that the use of OpenVPN amplification attacks increased by nearly 297% in 2021.

Now that remote work indeed, remote everything is the new normal, we’re more reliant than ever on uptime. Remote working is a business-critical task, as such, the services and companies that support or enable it make for potentially valuable targets for DDoS attackers. It seems no accident that ransom DDoS has also risen in recent years and gone after exactly those kinds of targets. For example in late 2020, a DDoS gang launched a 400 Gbps attack at a Norwegian telecoms provider and demanded 20 Bitcoin to stop the attack. The attack was not successful, but it is still easy to see the intentions of the attack, as well as the potential damage it could have wrought were the attackers successful.

“A DDoS gang launched a 400 Gbps attack at a Norwegian telecoms provider and demanded 20 Bitcoin to stop the attack.”

The same is true of cloud-based application and SaaS services which rely on uptime guarantees to provide businesses and remote workers the services they need. In fact, Service Level Agreements (SLAs) are increasingly demanding undisturbed uptime. Service providers that fall victim to DDoS-related attacks or outages will end up in breach of their contracts.

Protecting digital transformation from DDoS

It might not always be possible to know every security risk presented by new technologies and transformations. However, many do not even try to proactively defend themselves. That stance leaves them in a reactive position. When an attack does hit their IoT deployments or remote working infrastructure they will suffer the consequences. If they are lucky – they will scramble to respond to the attack, outage or even unwanted media attention. As a result, they still have to deal with the damage caused both during and after the attack. If they are perceived as negligent or reckless in managing these risks they may well be subject to further civil liabilities, reputational damage and potential regulatory blowback.

Protecting Digital Transformations against DDoS demands real-time, always-on detection and protection. Being properly prepared for DDoS attacks is the best defense, before they get the chance to exploit innovation risks in your infrastructure and paralyse your systems.

Ultimately, the broader confrontation is unavoidable. Compelling new technologies will continue to emerge and we will eagerly adopt them, even though they introduce new risks. We cannot protect ourselves from – or stave off – innovation any more than we can hold back the tide. It is, however, up to us to make sure that we digitally transform in safer, more measured ways while being ever mindful of the security risks we are introducing and the ways in which these new technologies could be hijacked by DDoS attackers.

The author is Ashley Stephenson, CTO of Corero Network Security.

Comment on this article below or via Twitter: @IoTNow_OR @jcIoTnow

RECENT ARTICLES

Driving connected personalised user experiences with Generative AI

Posted on: March 27, 2024

As the world continues to rapidly move towards digitalisation, customer expectations are also on the rise. Around the globe, telcos are grappling with meeting these expectations. As well as ensuring connectivity in a secure, seamless, and consistent manner 24/7, to compete and differentiate, operators now need to provide personalised experiences that are as unique as

Read more

IOT Solutions World Congress 2024 connects semiconductor chips to industry

Posted on: March 27, 2024

Essential to manufacture computers, smartphones, cars, refrigerators or any electronic device, semiconductors are critical elements in the implementation of the Internet of Things. For this reason, IOT Solutions World Congress (IOTSWC), the leading international event on the transformation of industry through disruptive technologies, will give have a special focus this year on chip designers, manufacturers

Read more
FEATURED IoT STORIES

What is IoT? A Beginner’s Guide

Posted on: April 5, 2023

What is IoT? IoT, or the Internet of Things, refers to the connection of everyday objects, or “things,” to the internet, allowing them to collect, transmit, and share data. This interconnected network of devices transforms previously “dumb” objects, such as toasters or security cameras, into smart devices that can interact with each other and their

Read more

The IoT Adoption Boom – Everything You Need to Know

Posted on: September 28, 2022

In an age when we seem to go through technology boom after technology boom, it’s hard to imagine one sticking out. However, IoT adoption, or the Internet of Things adoption, is leading the charge to dominate the next decade’s discussion around business IT. Below, we’ll discuss the current boom, what’s driving it, where it’s going,

Read more

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way you work, play, and live. But is it just another buzzword, or is it the as-promised technological holy grail? The truth is that Internet of

Read more

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT Platform 2021? authors Robin Duke-Woolley, the CEO and Bill Ingle, a senior analyst, at Beecham Research. Figure 1 shows these parts and, although not all

Read more

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, home automation using iot is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for smart home automation will reach $40 billion by 2020.

Read more

5 challenges still facing the Internet of Things

Posted on: June 3, 2020

The Internet of Things (IoT) has quickly become a huge part of how people live, communicate and do business. All around the world, web-enabled devices are turning our world into a more switched-on place to live.

Read more