IoT Trends

The Internet of Attacks: Disturbing Online IoT Trends

Disturbing Online IoT Trends

If you thought the worst thing to come out of the Internet of Things (IoT) trend for internet-connected devices was your mother in law’s daily reports on her smart refrigerator telling her she’s out of prune juice, then it’s time to think again.

People are understandably going wild for IoT devices. The technology is intriguing, many of the applications are becoming essential, and in a great deal of cases what these devices can do is just plain fun. The problem is that online attackers are just as fond of these devices, and they’re not using them to monitor their front doors or turn on the coffee maker while they’re still in bed. Instead, they’re using them for distributed denial of service (DDoS) attacks and data breaches.

DDoS dangers

When it comes to IoT devices, DDoS attacks and data breaches are two separate issues that stem from the same problem: lax security. In their rush to market, manufacturers largely have yet to prioritize security in their IoT devices, and while end users would be quick to secure an internet-connected device like a laptop, it just doesn’t seem to be thought of when it comes to smart devices like thermostats or baby monitors. As a result, the Internet of Things is populated by millions of devices using default usernames and passwords.

This is a problem because with a bit of malware and expertise, an attacker can hijack an internet-connected device and control it remotely. This is how botnets are assembled. In essence, a botnet is a network of hijacked devices that are used to aim immense amounts of malicious traffic at websites, servers or other online services in what are called DDoS attacks. An unmitigated attack will push the website or service offline altogether, or slow it down to the point that it can’t be used.

Botnets have been a DDoS-causing problem for over 15 years, but with the security problems plaguing the IoT, the size of botnets as well as their resultant attacks are reaching never before seen proportions. It was an IoT botnet by the name of Mirai that was behind the record-smashing distributed denial of service attacks on French hosting provider OVH, online security blogger Brian Krebs and DNS provider Dyn at the end of 2016, and it will surely be IoT botnets behind the next record breakers, which could come at any time.

Vulnerable data

If an attacker can compromise a device in order to enlist it in a botnet, then an attacker can also compromise a device for its data. Financial information, health information and other sensitive and highly sellable data is ripe for the picking behind default user names and passwords in the IoT. This would be bad enough for individual users, but there is an untold number of smart devices in use by major organizations that are providing potential access to huge databases.

Forrester Research estimates that a whopping 500,000 IoT devices will be compromised in 2017, while other experts are predicting that the first big security breach that can be traced back to an IoT device will happen within the next two years, to say nothing of the smaller scale data breaches that could be occurring at this very moment.

A collaborative solution

A true solution to these IoT problems is frustratingly out of reach since it requires the cooperation of so many organizations and people, including a large number of manufacturers that need to incorporate better security in the firmware to cut down on vulnerabilities. As a result, end users and website owners are left to secure their own devices and sites.

To begin securing your devices, change the default user names and passwords on them, no matter how ridiculous it may seem to set a password for, say, a thermostat. It’s also a good idea to disable WAN or remote access to your devices. You can use this open port finder to check for remote access on Telnet (23), SSH (22) and HTTP/HTTPS (80/443) ports.

To protect a website against the major threat posed by DDoS attacks, website owners need to invest in professional distributed denial of service mitigation. Scalable, cloud-based protection with a truly robust backbone will be able to handle attack attempts from botnets of all sizes, even IoT-powered botnets.

With a few simple steps and high-quality DDoS protection, your biggest IoT worry can once again be related to your mother in law and the world’s most boring use of smart devices. What a world.

Sponsored by Incapsula

By Gary Hanley

CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in cloud connected technology information and consultancy services.

Are you a cloud services expert in a world of digital transformation? If so, contact us for information on how to become part of our growing cloud consultancy ecosystem.

TECH TRENDS

Four Cloud Security Mega Trends

Four Cloud Security Mega Trends

Cloud Security Trends Last year was a big year for the cloud. Cloud adoption continued to grow at a rapid ...
outsourcing

Employment Trends: Cloud Technology Leads The Way

Employment Trends: Cloud Technology World Economic Forum’s Future of Jobs report, developed in collaboration with the Global Agenda Council, uses ...
Four Trends and Realities Confronting Security Today

Four Trends and Realities Confronting Security Today

Realities Confronting Security Today, the number of attempted data breaches, cyber attacks, and other bad behavior by bad actors continues ...
Trends in MarTech to Look Out for This Year

Trends in MarTech to Look Out for This Year

Trends in MarTech Marketing technology, or MarTech, has come a long way with a landscape that is steadily growing. In ...
Two 2017 Trends From A Galaxy Far, Far Away

Two 2017 Trends From A Galaxy Far, Far Away

Reaching For The Stars People who know me know that I’m a huge Star Wars fan. I recently had the ...
RightScale Releases Trends in Follow-Up to State of the Cloud Report

RightScale Releases Trends in Follow-Up to State of the Cloud Report

Docker Spreads All the Way to Production and Is Used Alongside Chef, Puppet, and Ansible SANTA BARBARA, CA--(Marketwired - May ...
cloud trends

Robotics, AI, FinTech, and IoT – Most Significant Emerging Technological Trends

NEW YORK, Sept. 13, 2016 /PRNewswire/ -- Global X Funds, the New York-based provider of exchange-traded funds (ETFs), today launched the ...
cloud trends

Tech Trends That Will Shape 2017: Cloud, IoT and AI

Tech Trends 2017 Do not expect disruptive tech but improvements of existing technologies Tech trends that will shape 2017 will ...
Trends

Member Exclusive: CIO Investment Priorities Trends Report

CIO Investment Priorities Trends Report We wanted to share with you the 2015 – 2017 Investment Priority Report which is ...
Virtual Reality Healthcare Trends

Virtual Reality Trends and Possibilities in Healthcare

Virtual Reality Healthcare Trends Virtual reality tends currently to focus on entertainment and gaming, but it’s a field that’s beginning to show ...