Data Science “Paint by the Numbers” with the Hypothesis Development Canvas

Data Science “Paint by the Numbers” with the Hypothesis Development Canvas

When I was a kid, I use to love “Paint by the Numbers” sets.  Makes anyone who can paint or color between the lines a Rembrandt or Leonardo da Vinci (we can talk later about the long-term impact of forcing kids to “stay between the lines”).
Five Reasons Why Machine Learning Needs To Make Resumes Obsolete

Five Reasons Why Machine Learning Needs To Make Resumes Obsolete

Machine Learning Needs To Make Resumes Obsolete Hiring companies nationwide miss out on 50% or more of qualified candidates and tech firms incorrectly classify up 80% of candidates due to inaccuracies and shortcomings of existing Applicant Tracking Systems (ATS), illustrating how faulty these systems are

Disturbing Online IoT Trends

If you thought the worst thing to come out of the Internet of Things (IoT) trend for internet-connected devices was your mother in law’s daily reports on her smart refrigerator telling her she’s out of prune juice, then it’s time to think again.

People are understandably going wild for IoT devices. The technology is intriguing, many of the applications are becoming essential, and in a great deal of cases what these devices can do is just plain fun. The problem is that online attackers are just as fond of these devices, and they’re not using them to monitor their front doors or turn on the coffee maker while they’re still in bed. Instead, they’re using them for distributed denial of service (DDoS) attacks and data breaches.

DDoS dangers

When it comes to IoT devices, DDoS attacks and data breaches are two separate issues that stem from the same problem: lax security. In their rush to market, manufacturers largely have yet to prioritize security in their IoT devices, and while end users would be quick to secure an internet-connected device like a laptop, it just doesn’t seem to be thought of when it comes to smart devices like thermostats or baby monitors. As a result, the Internet of Things is populated by millions of devices using default usernames and passwords.

This is a problem because with a bit of malware and expertise, an attacker can hijack an internet-connected device and control it remotely. This is how botnets are assembled. In essence, a botnet is a network of hijacked devices that are used to aim immense amounts of malicious traffic at websites, servers or other online services in what are called DDoS attacks. An unmitigated attack will push the website or service offline altogether, or slow it down to the point that it can’t be used.

Botnets have been a DDoS-causing problem for over 15 years, but with the security problems plaguing the IoT, the size of botnets as well as their resultant attacks are reaching never before seen proportions. It was an IoT botnet by the name of Mirai that was behind the record-smashing distributed denial of service attacks on French hosting provider OVH, online security blogger Brian Krebs and DNS provider Dyn at the end of 2016, and it will surely be IoT botnets behind the next record breakers, which could come at any time.

Vulnerable data

If an attacker can compromise a device in order to enlist it in a botnet, then an attacker can also compromise a device for its data. Financial information, health information and other sensitive and highly sellable data is ripe for the picking behind default user names and passwords in the IoT. This would be bad enough for individual users, but there is an untold number of smart devices in use by major organizations that are providing potential access to huge databases.

Forrester Research estimates that a whopping 500,000 IoT devices will be compromised in 2017, while other experts are predicting that the first big security breach that can be traced back to an IoT device will happen within the next two years, to say nothing of the smaller scale data breaches that could be occurring at this very moment.

A collaborative solution

A true solution to these IoT problems is frustratingly out of reach since it requires the cooperation of so many organizations and people, including a large number of manufacturers that need to incorporate better security in the firmware to cut down on vulnerabilities. As a result, end users and website owners are left to secure their own devices and sites.

To begin securing your devices, change the default user names and passwords on them, no matter how ridiculous it may seem to set a password for, say, a thermostat. It’s also a good idea to disable WAN or remote access to your devices. You can use this open port finder to check for remote access on Telnet (23), SSH (22) and HTTP/HTTPS (80/443) ports.

To protect a website against the major threat posed by DDoS attacks, website owners need to invest in professional distributed denial of service mitigation. Scalable, cloud-based protection with a truly robust backbone will be able to handle attack attempts from botnets of all sizes, even IoT-powered botnets.

With a few simple steps and high-quality DDoS protection, your biggest IoT worry can once again be related to your mother in law and the world’s most boring use of smart devices. What a world.

Sponsored by Incapsula

By Gary Hanley

CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in cloud connected technology information, resources and thought leadership services.

Contact us for a list of our leading brand and thought leadership exposure programs.

TOP ARCHIVES

How the Oil Industry Can Benefit from IoT Technology

How the Oil Industry Can Benefit from IoT Technology

Oil Industry Can Benefit from IoT In 2010, the Deepwater Horizon oil tragedy struck and took the nation’s attention for ...
The Challenges to Tackle Before You Start With AI

The Challenges to Tackle Before You Start With AI

Artificial Intelligence and the technology behind it are growing at a furious pace. Marketers have realized its vast potential and ...
Survey: 87% of Businesses Are Confident About Cybersecurity

Survey: 87% of Businesses Are Confident About Cybersecurity

Businesses Confident About Cybersecurity In a year that has seen multiple massive data breaches and troubling cyberattacks, a new survey ...
Secure Business Agility

Contrary to popular belief, a pro-privacy stance is good for business

Pro-Privacy Stance Right now privacy is a hot topic on LinkedIn posts, especially as it pertains to compliance with the ...
Big Pivot Podcast: How To Become A More Effective CIO

Big Pivot Podcast: How To Become A More Effective CIO

Become A More Effective CIO The Big Pivot podcast, put together by IDG and Informatica, looks at how CIOs are ...
Worldwide Spending on Augmented and Virtual Reality Expected to Surpass $20 Billion in 2019, According to IDC

Worldwide Spending on Augmented and Virtual Reality Expected to Surpass $20 Billion in 2019, According to IDC

FRAMINGHAM, Mass., December 6, 2018 – Worldwide spending on augmented reality and virtual reality (AR/VR) is forecast to be nearly $20.4 billion in 2019, an increase of 68.8% over the $12.1 billion International Data Corporation (IDC) expects will be spent this ...
Machine Learning Open-Source Tools

Do More With Machine Learning Thanks to These 6 Open-Source Tools

Machine Learning Open-Source Tools We are in the middle of a machine learning, AI and big data renaissance — at least, that’s what we’re calling it. Seemingly everyone is interested in this technology these days, and for a good reason ...
12 Promising Business Intelligence (BI) Services For Your Company

12 Promising Business Intelligence (BI) Services For Your Company

Business Intelligence Companies and Services Business Intelligence (BI) services have recently seen an explosion of innovation and choices for business owners and entrepreneurs. So many choices, in fact, that many companies aren’t sure which business intelligence company to use. To ...