Does the IoT have the potential to break the internet?
In 2016 we saw a limited number of IoT-related botnet attacks; but those that did carry out their plans were large enough to make everyone sit back for a moment and contemplate the impact millions of connected devices could have on the internet as a whole.
DDoS hits scale
First there was the attack on the site of IT security journalist, Brian Krebs. In a simple, yet ingenious move, the attacker mobilized hundreds of connected devices, mostly security cameras, and used each one to make a request on www.krebsonsecurity.com. Kreb’s security partner, Akamai estimates that during the attack, the site was seeing 665 gigabytes of traffic per a second – that number doubles the amount of traffic seen in other Distributed Denial of Service (DDoS).
This attack also varied from previous attacks in that the signals were produced by hacked devices instead of from a single, hacker-controlled device and amplifier. As a result, the entire site was shut-down due to an inability to handle all of the incoming requests.
While the hacker has not been caught, he or she did release the code used to create the attack on a forum site – paving the way for copycats.
Christened as Mirai
The released source code was dubbed “Mirai.” The botnet mobilizing code spreads to vulnerable devices by continuously scanning the internet for connected systems protected only by factory default or hard-coded usernames and passwords.
On the consumer side, connected devices like light bulbs, cameras, and small appliances are not seen as a huge threat – after all, is there anything really so dangerous or secret about a refrigerator?
It is this belief that leaves connected devices vulnerable to botnets like Mirai – who hijack the device and use it as part of a larger force to attack a single point.
Since Mirai’s source code was first released, the variants have grown from splintered and weakened to sizes that rival the original botnet and finally, into an attack whose size eclipsed that of the attack on Kreb’s site.
In late October, you may have woken-up only to realize that some of your favorite sites were down. In an attack that targeted Dyn, an internet performance management company that provides domain registration and email products, a Mirai variant successfully shut-down the sites of PayPal, Twitter, Reddit, GitHub, Amazon, Netflix, Spotify and RuneScape – to name a few. The attacks were accomplished in two waves and continued for several hours and days although only the first two attacks found success (the security team at Dyn managed to thwart subsequent attempts).
During the peak of the attack, the mobilized botnet army employed more than 100,000 connected devices to generate requests at a rate of 1.2 terabytes per second.
If 2016 taught us anything, it is that the possibilities for improving existing business practices, reducing costs associated with maintenance, gaining better oversight of our health and streamlining a variety of tasks live within IoT devices. However, each of those devices represents a portal into the world through which hackers can enter; so as exciting as the prospects may be, we must remain ever vigilant in our efforts to create secure devices.
- » Sigfox makes four key IoT announcements during Connect 2019
- » Cisco is investing in Australian agricultural IoT firm Titan Class
- » Telefónica presents second ‘Things Matter’ study, indicates significant increase in IoT usage in two years
- » IOTech raises $7.5 million in series A funding led by Dell Technologies
- » European Union Cybersecurity Agency focuses on connected cars in latest research