Largest DDoS Attack by a botnet of IoT Devices Raises Concerns about IoT Security

Largest DDoS Attack by a botnet of IoT Devices Raises Concerns about IoT Security

It’s predicted that IoT (Internet of Things) will become a priority issue in 2016 and it has. IoT devices refer to internet-connected security cameras, thermostats, in-car adapters, etc.

In late September 2016, an army of possibly one million IoT devices, the largest yet, was used to launch a DDoS (Distributed Denial of Service) attack on a top security blog, KrebsOnSecurity.com. The generated traffic to the blog was closer to 620 Gbps in size, much greater than was needed to knock it offline and almost twice as big as the previous largest attack Akamai, a CDN (Content Delivery Network) and security solutions provider that protects the website from digital attacks, has seen so far. Akamai managed to mitigate the attack for three days, but then it proved too costly to continue so they had to cancel Kreb’s account.

Analysis of this and similar attacks shows that the aim is not so much acquiring private data as gaining control over as many IoT devices as possible and using their power for whatever purposes. This means that literally millions of devices can be exploited due to poor security such as weak passwords or using vulnerable or outdated firmware. It is estimated that by 2020 IoT devices can reach 25 million, so IoT security is fastly becoming a pressing concern.

Policy makers need to introduce higher security standards, producers need to develop more secure software and hardware, and end users need to be aware enough to buy quality IoT products, update their software, change default passwords, etc.

For more on what you can do when your website is hacked, you can check out the related post on <Is your Website Hacked and What to Do about it?> Why cybersecurity in general is an issue, you can find out here: <Cybersecurity – one of the hottest topics nowadays>.