IoT DDoS: Disrupting the Internet, One Device at a Time

The Internet of Things, a network of physical devices embedded with technology that enables them to collect and exchange data via the Internet, is one of technology’s most incredible advancements because it has brought together millions of ‘smart devices’ that help us in our daily lives, such as kitchen appliances, cameras, and cars. However, like many things that are connected to the Internet, these devices can have their helpful technology used for evil. IoT has been the vehicle for many cyber-crimes such as data breaches and ransomware, but more recently, IoT has been in the news for having fueled multiple distributed denial of service (DDoS) attacks.

A DDoS attack occurs when an Internet circuit is flooded with so much Internet traffic, referred to as “packets,” that the circuit becomes jammed and then stops, similar to traffic build-up on a busy interstate that eventually leads to a bumper-to-bumper standstill. This is usually done by a cyber-criminal taking over compromised computers, referred to as “zombies,” which are then used to send ‘bad traffic’ to the victim’s site, but there is a new wave of this type of attack being fueled by IoT devices.

IoT-fueled DDoS attacks

One of the most noteworthy of these IoT DDoS attacks affected the Domain Name System (DNS) provider Dyn. On Friday, October 21st, Dyn, the DNS provider for major websites including Twitter, Netflix, Reddit, and Spotify, was hit by one of the largest DDoS attacks to date. This takedown was facilitated by hundreds of thousands of hacked IoT devices, from Web cams to routers. As in a common DDoS attack, once hijacked, these Internet-enabled devices are mobilized together to aim all of their Web page requests at one target; in this case, it happened to be Dyn. This caused chaos and outrage on the Internet, primarily because the websites it impacted, like Twitter and Reddit, have a massive number of daily users. Though this is the most widely known IoT-fueled DDoS attack so far, these attacks continue to occur at an alarming rate.

As recently as this morning, there have been reports of at least five Russian banks being hit by IoT-enabled DDoS attacks. Similar to the Dyn attack, unsecured IoT devices were used without their owners’ knowledge and then colonized to target these banks and their websites. Kaspersky Lab has said that the main cause of this attack was that many of these devices were left with their default passwords, meaning that once a hacker got into one standard device, he gained access to all of them. Changing default passwords and a few other simple security steps could help us to be better protected against IoT-fueled DDoS attacks.

How to protect against IoT-fueled DDoS attacks

Many people found that in cases such as the Dyn DDoS attack, their IoT-enabled devices were being used in the attack without their consent or knowledge, and this is largely due to a lack of IoT device security. Here are some things you can do to help prevent your devices from being used in the next IoT-fueled DDoS attack:

  • Turn off remote access to your devices when not in use, if possible–When at all possible, turn off remote access to your IoT devices. Leaving a device active while it is not in use leaves it extremely vulnerable to being used in an attack similar to the one against Dyn DNS.
  • Change all device passwords from the default–As mentioned above about the recent Russian bank attack, this is another simple step that makes it that much harder for attackers to gain access to your devices. Change your passwords to something hard to guess rather than leaving the same basic passwords that came installed on your devices when you bought them. A default password is likely the same one used on similar devices, and using such passwords makes these devices easier to hack.
  • Update your systems early and often–Stay on top of your system updates so that your network is well protected. Activate fully automatic updates if it is hard for you to remember to update frequently; this way, you will never be behind in securing your devices.

Stay Secure, America

Axiom Cyber Solutions has been selected by CIOReview Magazine as one of the 20 Most Promising DDoS Solutions of 2016 for being able to mitigate the largest amount of DDoS attacks in a single 1U appliance. To learn more about our DDoS mitigation services and how you can secure your business by staying ahead of cyber-attacks, please contact us at https://www.axiomcyber.com or by phone at 1 (800) 519-5070 today!

Hailey R. Carlson | Axiom Cyber Solutions | 11/11/2016