IoT DDos Attacks 12 Months Later. What Did We Learn?
Just a year ago today something amazing happened. IoT devices from around the world were used to create the most concise DDoS attack that the United States had ever seen. The attacks affected sites like Reddit, Spotify, Paypal, Amazon and many others.
Stephen Cobb, in an analysis of the event stated that “We have been shown just how vulnerable the internet – which is now an integral part of the critical infrastructure of the US and many other countries – is to disruptive abuse conducted at scale, by persons whose identity is not immediately ascertainable.”
It’s a year later. What did we learn and how have we grown since that? The world market is completely dependent upon online events and online transactions. That means it is imperative that we stop attacks and prevent further issues.
What Exactly Happened?
Anything that can connect to the internet is risky. The attacks of last year ( October 21) were made possible by millions of internet connected devices that were simply not well used . These attacks were made possible by people who had no real idea how to use their devices or more importantly, how to secure them. Surveillance cameras, home security, home routers and many other things were used in order to shut down or deny services to sites. The attackers infected many thousands of IoT devices. Using malicious code these devices were formed into a giant botnet and that botnet swamped the servers of the affected sites.
How Could That Happen?
Remember in the directions where it tells you to change that default password. It may come as a huge surprise to find that most people don’t. It may also come as a big shock that most people still don’t a year later and there are no more warnings on packaging than there were prior to the massive DDos a year ago. What have we taken away from one of the largest attacks on computer systems? It looks like very little, to be honest.
How Can We Defend Against These Attacks?
We’ve known that IoT devices could be used for attacks since the beginning of IoT. Companies advise people to change the passwords. Most don’t. Hackers and malware developers know the default passwords to many of these machines and log into them, using them for their own purposes. You can tell people to change the passwords on their IoT devices, but there isn’t any real way to make them do so.
So, a year later, how can we stop this? Realistically, the same way we could always have stopped it. We take better care of our networks, make sure that our passwords are changed periodically and that we don’t share them if we can avoid it.
This type of attack is relatively new so there really isn’t a best practice methodology to prevent it, but there are ways to regulate control of your own home or business network. If you’re in business, make sure that you have a DDoS defense plan and keep it up to date. Practice it regularly, just like a fire drill.
There are multiple ways to defend against DDoS attacks. While someone may breach your site at least make it as difficult for them as possible by using every device and resource that you have at your disposal. You may just make it difficult enough that it’s not worth the trouble and they will move on.