The IoT Makes it Easier to Launch Massive DDoS Attacks

Despite its advantages, the Internet of Things (IoT) comes with a host of security disadvantages. As a whole, IoT devices are poorly managed, patched and secured; they are sitting ducks for hacker infiltration and takeover. Aside from the personal privacy and security concerns that result from these security gaps, the bigger danger is that these connected devices can be harnessed by hackers for a variety of nefarious purposes; distributed denial of service (DDoS) attacks are prominent among them.

DDoS Attacks Are A Concern

From a DDoS attack perspective, the IoT problem is of enormous concern. Hackers increasingly deploy botnets: i.e., an interconnected network of computers that are infected with malware without the users’ knowledge. This malware can then be utilized to launch DDoS attacks against other victims or, even possibly more worrying, from within the infected LAN against an enterprise’s internal—and normally unprotected—infrastructure assets.

The ever growing number of consumer control systems (public/Wi-Fi IoT) that are almost exclusively Internet connected present an expansive DDoS attack surface and a growing, well-connected, distributed army of potential botnet recruits. These botnets are used to increase the scale and effectiveness of DDoS attacks used in ransom or extortion threats.

There is really no limit to the potential size and scale of DDoS attacks if they leverage hundreds of thousands of smart (yet vulnerable) devices incorporated into the IoT. By using amplification techniques on the millions of very high bandwidth devices currently accessible, such as baby video monitors and security cameras, DDoS attacks have already become more colossal in scale; as the number of IoT devices increases, this threat will only increase exponentially. The scale of botnet-driven DDoS attacks is staggering.

Recent Extreme IoT-Driven DDoS Attacks

Exhibit A: On Thursday, September 22, 2016 one of the world’s largest hosting companies OVH suffered a series of 100Gpbs DDoS attacks that served up a whopping, walloping combination of 1Tbps attacks, according to this Tweet by OVH founder and CTO Octave Klaba. According to HackReading, this was “the largest DDoS attack in the history of Internet.” Klaba further stated that the attack was comprised of a botnet with 145,607 online surveillances cameras.

Exhibit B: Just days before the attack on OVH, hackers launched an attack that measured 665 Gbps, on, the website of investigative cybercrime journalist Brian Krebs. That attack was then previous record for “largest ever DDoS attack.” It was so large that even Akamai could not defend against it, so Akamai took the KrebsOnSecurity website down (it had hosted the site pro bono, for years).

The Solution

Unfortunately, there is no silver bullet here – but there are steps that can be taken. Organizations must have a specific focus on locking down their IoT assets. This includes selecting IoT products from reputable vendors who are committed to delivering secure products. Organizations must also perform regular firmware upgrades and audit IoT systems to ensure they are not compromised.

At Corero, we do not develop IoT products but we are helping Internet service providers, hosting providers, and online enterprises to prepare for the impending increase in sophistication and scale of DDoS attacks that exploit the vulnerabilities in the IoT landscape. Our SmartWall® is the only DDoS defense system that mitigates both known and zero-day DDoS attacks at virtually any bandwidth scale from 10Gbps, to networks operating in the Terabit range.

For more information, contact us.