The Internet of Things as an Attack Tool

Added by David Hill on April 4 2017, at 1:15 pm
Send Message View David Hill's blog

  • Not all trends are up and to the right. As the report states, Q4 2016 was "the third consecutive quarter where we noticed a decrease in the number of attack triggers". Still, "the overall 2016 attack count was up 4% as compared to 2015". Also, the volume and number of "mega-attacks" is on the rise.

    And of course, there was the Mirai malware recruiting poorly secured devices connected to the Internet. The Mirai-based botnet produced the largest-ever DDoS attacks, with volume peaking at 623 Gbps. That drew a lot of media attention to the dark side of the Internet of Things (IoT), calling for action before it is too late.

    Let us look at a few trends playing out in this area.

    First, the IoT. Lacking an agreed definition, there is a tendency to call anything connected to the internet, except conventional computers, an IoT device. Not trying to craft yet another definition, an important question is what makes these new types of connected devices different from the ones that were connected in the past? In the context of DDoS attacks I can only think of the three:

    Increased number. Twenty years ago, a household would have a home router and one or two computers connected. Then the smartphone revolution came and significantly more devices were added: gaming consoles, smartphones and tablets. Now with the ability to easily connect anything there is a potential that the number of connected things per household, but also in other areas, such as industrial systems and "smart" environments, will increase in orders of magnitude. And since any device is potentially vulnerable, that increases opportunities for an attacker.

    Limited user interaction. Smart objects are designed to operate autonomously, in the background, without requiring user intervention and offering a limited user interface (if there is one at all). That means that the user won't administer the device - install updates, monitor its performance, scan for malware and clean it up. But quite frankly, this does not happen much with computers and smartphones either. The difference is that in the latter area the industry has matured and consolidated, realizing the need and offering proven security solutions without relying on a user.


    For more details:Animated Cloud Overview Video Examples

Keywords: animationsvideos