DDoS downfall: How the IoT is Becoming the Internet of Very Bad Things

DDoS Downfall: How the IoT is Becoming the Internet of Very Bad Things

Internet of Things (IoT) devices like smart watches, smart thermometers, smart fridges and smart anything are undeniably cool and incredibly useful. This age of connectivity is the age of possibility, and millions of people all over the world are taking advantage of the wonderful benefits these devices have to offer.

There’s a different kind of people taking a different kind of advantage of all these connected devices, however, and with the exploding popularity of IoT devices, these people have a lot of power literally at their fingertips. The result of all this easily accessible power? The biggest DDoS attacks the world has ever seen.

Services, denied

Distributed denial of service or DDoS attacks are a type of cyberattack that seek to overwhelm the network resources or bandwidth of a target website or other online service. These attacks do so by harnessing the power of a botnet, a grouping of internet-connected devices that enables the attacker to direct massive amounts of malicious traffic at the target.

When a DDoS attack is successful, the result is a website that is either bumped offline or slowed down so much that it can’t be used. Thanks to the accessibility of DDoS for hire services, distributed denial of service attacks were already a growing problem since the average person with no special computer skills can now aim an attack at any site for a nominal fee, making almost every website and business on the internet a potential target. Thanks to the IoT, the DDoS threat is looming considerably larger.

Bigger and badder botnets

For a device to be included in a botnet, it needs to be infected with malware that allows it to be remotely controlled. In the past these devices were generally computers because they were by far the most common form of internet-connected device. However, security for computers has gotten better and people have become increasingly focused on securing them, making it harder for cyberattackers to take over.

If computers were still the most common form of internet-connected device, this would be good news, but in 2016 the number of devices in the IoT was estimated at 6.4 billion. Unfortunately, these devices tend to be so weakly secured attackers have to do little more than put in default usernames and passwords to take control. As a result, IoT-powered botnets are weighing in with hundreds of thousands of infected devices, giving attackers unprecedented amounts of malicious traffic to play with.

Mirai mayhem

In its relatively short life, the Mirai IoT botnet has already achieved internet infamy with its record-breaking distributed denial of service attacks. The first high-profile victim was famed security blogger Brian Krebs, whose website went down in the face of a 620 Gbps attack. Following that, French web hosting provider OVH got rocked by a 1 Tbps attack, then DNS provider Dyn got walloped by a 1.2 Tbps attack, resulting in the internet essentially coming to a screeching halt when sites like Netflix, PayPal and Twitter went down as a result. All three attacks were once the biggest in the history of the internet. The Dyn attack is still number one.

The Mirai source code is publicly available, which means cyberattackers are free to use it to assemble their own massive botnets, which means Mirai variants are causing big problems all over the internet. In December, one such variant infected Deutsche Telekom routers, affecting over 900,000 customers. While most Mirai-based attacks are network-layer, another variant recently took aim at an American college with a 54-hour application-layer attack that peaked at over 37,000 requests per second.

Two types of threats and two security considerations

The threat presented by the Mirai malware, as well as any malware that targets IoT devices, is two-fold. First is the threat to websites and online service coming from these bloated botnets and the record-smashing DDoS attacks that cause an immediate loss of revenue while the site or service is unavailable, as well as a long-term loss of revenue stemming from the eroded trust and loyalty experienced by users. The solution for this is professional DDoS mitigation that protects against both network and application layer attacks.

The second threat presented is to every person or company that has at least one IoT device. If a device can be easily hijacked for inclusion in a botnet, it can be just as easily hijacked for other malicious purposes. Considering how much sensitive and financial data may be available through these devices as well as how many gather photo, video and audio imaging, this is a truly frightening prospect.

To check if any of the devices on your network are either already infected by the Mirai malware or vulnerable to it, you can use the Mirai scanner provided by DDoS protection provider Incapsula. Regardless of the results of the scanner, you should take the time to log in to every IoT device you own and change the default username and password to something that is hard to guess. After all, the only person who should get to benefit from an IoT device should be the person who owns it.

Featured

  • Survey: 54% of Organizations Cite Technical Debt as Top Hurdle to Identity System Modernization

    Modernizing identity systems is proving difficult for organizations due to two key challenges: decades of accumulated Identity and Access Management (IAM) technical debt and the complexity of managing access across multiple identity providers (IDPs). These findings come from the new Strata Identity-commissioned report, State of Multi-Cloud Identity: Insights and Trends for 2025. The report, based on survey data from the Cloud Security Alliance (CSA), highlights trends and challenges in securing cloud environments. The CSA is the world’s leading organization dedicated to defining standards, certifications, and best practices to help ensure a secure cloud computing environment. Read Now

  • Study: Only 35 Percent of Companies Include Cybersecurity Teams When Implementing AI

    Only 35 percent of cybersecurity professionals or teams are involved in the development of policy governing the use of AI technology in their enterprise, and nearly half (45 percent) report no involvement in the development, onboarding, or implementation of AI solutions, according to the recently released 2024 State of Cybersecurity survey report from ISACA, a global professional association advancing trust in technology. Read Now

  • New Report Series Highlights E-Commerce Threats, Fraud Against Retailers

    Trustwave, a cybersecurity and managed security services provider, recently released a series of reports detailing the threats facing the retail sector, marking the second year of its ongoing research into these critical security issues. Read Now

  • Stay Secure in 2024: Updated Cybersecurity Tips for the Office and at Home

    Cyber criminals get more inventive every year. Cybersecurity threats continue to evolve and are a moving target for business owners in 2024. Companies large and small need to employ cybersecurity best practices throughout their organization. That includes security integrators, manufacturers, and end users. Read Now

Featured Cybersecurity

Webinars

New Products

  • Mobile Safe Shield

    Mobile Safe Shield

    SafeWood Designs, Inc., a manufacturer of patented bullet resistant products, is excited to announce the launch of the Mobile Safe Shield. The Mobile Safe Shield is a moveable bullet resistant shield that provides protection in the event of an assailant and supplies cover in the event of an active shooter. With a heavy-duty steel frame, quality castor wheels, and bullet resistant core, the Mobile Safe Shield is a perfect addition to any guard station, security desks, courthouses, police stations, schools, office spaces and more. The Mobile Safe Shield is incredibly customizable. Bullet resistant materials are available in UL 752 Levels 1 through 8 and include glass, white board, tack board, veneer, and plastic laminate. Flexibility in bullet resistant materials allows for the Mobile Safe Shield to blend more with current interior décor for a seamless design aesthetic. Optional custom paint colors are also available for the steel frame. 3

  • Luma x20

    Luma x20

    Snap One has announced its popular Luma x20 family of surveillance products now offers even greater security and privacy for home and business owners across the globe by giving them full control over integrators’ system access to view live and recorded video. According to Snap One Product Manager Derek Webb, the new “customer handoff” feature provides enhanced user control after initial installation, allowing the owners to have total privacy while also making it easy to reinstate integrator access when maintenance or assistance is required. This new feature is now available to all Luma x20 users globally. “The Luma x20 family of surveillance solutions provides excellent image and audio capture, and with the new customer handoff feature, it now offers absolute privacy for camera feeds and recordings,” Webb said. “With notifications and integrator access controlled through the powerful OvrC remote system management platform, it’s easy for integrators to give their clients full control of their footage and then to get temporary access from the client for any troubleshooting needs.” 3

  • Camden CM-221 Series Switches

    Camden CM-221 Series Switches

    Camden Door Controls is pleased to announce that, in response to soaring customer demand, it has expanded its range of ValueWave™ no-touch switches to include a narrow (slimline) version with manual override. This override button is designed to provide additional assurance that the request to exit switch will open a door, even if the no-touch sensor fails to operate. This new slimline switch also features a heavy gauge stainless steel faceplate, a red/green illuminated light ring, and is IP65 rated, making it ideal for indoor or outdoor use as part of an automatic door or access control system. ValueWave™ no-touch switches are designed for easy installation and trouble-free service in high traffic applications. In addition to this narrow version, the CM-221 & CM-222 Series switches are available in a range of other models with single and double gang heavy-gauge stainless steel faceplates and include illuminated light rings. 3