It’s 2016 and the “Internet of Things” is in full swing. It is estimated that there are over 6 billion devices already connected and that number is expected to grow to over 21 billion by 2020. Everything from ingestibles to wearables, drones, cars and even whole buildings are being connected to the internet.
While it may be convenient to be able to control your refrigerator, thermostat or DVR from your phone, connecting all these devices opens the door to (not so)new security threats. In the last few months it has come to light that in order to keep cost down on many of these device, not much thought has been put into securing them.
It turns out that many of these IoT devices are being shipped with default user names and passwords like Admin/Admin. This vulnerability has not gone unnoticed on the internet underground and is already being exploited. While DDoS attacks are by no means a new phenomenon these unsecured IoT devices are being hijacked to magnify their strength and the problem is likely to only get worse. Just last month the source code for an IoT botnet dubbed “Mirai” was released to the world. This software continuously scans the internet for insecure IoT devices and then loads malicious software that turns them into “bots” by forcing them to connect to a control server to be leveraged in powerful, large scale attacks designed to disrupt internet traffic.
To put this into perspective, in 2015 the largest DDoS attack recorded came in around 149Gbps of traffic. The two largest attacks this year have weighed in at 555Gbps and 623Gbps and both were powered by Mirai.
So what does this mean? So far, not much thankfully. Most of the reported attacks using these IoT botnets have been directed at game servers or individual users. However the recent attacks on DNS provider Dyn, which prevented users in Europe and North America from accessing many of the Internets largest platforms and services, has show the disruptive power of these botnets.
As more and more critical devices are connected and critical services rely on the internet the disruption caused by these botnets has the potential to cause very real damage if aimed at physical infrastructure.
So what can users do to help limit the impact and protect their devices? For the average user, not much. Many of these devices have complex or non-existent methods of changing their administrative credentials. For most users this is something they are not even going to think about when setting up a new device. What is needed is for hardware vendors to step up their game and stop viewing security as nothing more than a cost.
Earlier this week security experts spoke in front of congress and warned representatives that the current lack of security standards for IoT devices was a big part of the problem, and that IoT manufacturers needed to embrace additional security practices to prevent harm to users and the internet. It was argued that government regulation was required to force manufacturers to secure their devices. We can only hope that these warnings have not fallen on deaf ears and the problem of IoT security is addressed sooner rather than later.
Hey, glad that i stumble on this in bing. Thanks!
Do you mind if I quote a couple of your articles as long as I provide credit and sources back to your webpage? My website is in the very same area of interest as yours and my users would really benefit from some of the information you present here. Please let me know if this okay with you. Appreciate it!
I get pleasure from, cause I found just what I was having a look for. You have ended my four day long hunt! God Bless you man. Have a nice day. Bye
I enjoy you because of all your efforts on this website. Gloria takes pleasure in carrying out research and it is obvious why. We all hear all relating to the powerful medium you present vital items via your web site and as well strongly encourage response from other individuals about this concern so my child is always being taught a whole lot. Enjoy the remaining portion of the new year. You are conducting a splendid job.
Its like you read my mind! You seem to know a lot about this, like you wrote the book in it or something. I think that you could do with a few pics to drive the message home a bit, but instead of that, this is magnificent blog. An excellent read. I’ll definitely be back.
Hey there this is kind of of off topic but I was wanting to know if blogs use WYSIWYG editors or if you have to manually code with HTML. I’m starting a blog soon but have no coding knowledge so I wanted to get advice from someone with experience. Any help would be enormously appreciated!
I simply needed to say thanks again. I am not sure the things I might have made to happen without the type of tips contributed by you over such theme. Certainly was a real frustrating situation in my position, however , looking at a new professional manner you resolved that forced me to weep over fulfillment. Extremely happy for this help and pray you really know what a powerful job you have been accomplishing instructing others all through your webblog. I am certain you’ve never come across any of us.
Thanks for every other informative website. Where else may just I get that kind of information written in such a perfect means? I’ve a mission that I am simply now working on, and I’ve been on the look out for such information.
I do not even know how I ended up here, but I thought this post was good. I do not know who you are but definitely you’re going to a famous blogger if you aren’t already 😉 Cheers!
Valuable info. Lucky me I found your site by accident, and I’m stunned why this twist of fate didn’t happened earlier! I bookmarked it.
It¡¦s actually a nice and helpful piece of info. I¡¦m happy that you shared this helpful information with us. Please stay us informed like this. Thanks for sharing.
I have been absent for a while, but now I remember why I used to love this web site. Thanks , I¡¦ll try and check back more frequently. How frequently you update your website?
I as well as my pals ended up reading the excellent thoughts located on the website and so at once I had a horrible feeling I never expressed respect to you for those strategies. These young boys ended up absolutely passionate to read through them and now have extremely been taking pleasure in those things. Many thanks for really being so thoughtful and also for picking out this sort of amazing subject matter millions of individuals are really desperate to learn about. My personal sincere regret for not expressing gratitude to you sooner.
Thank you for any other magnificent post. Where else may just anybody get that kind of info in such a perfect approach of writing? I’ve a presentation next week, and I’m at the search for such information.
Hi! This is my first visit to your blog! We are a collection of volunteers and starting a new project in a community in the same niche. Your blog provided us valuable information to work on. You have done a outstanding job!
Fantastic beat ! I would like to apprentice while you amend your site, how could i subscribe for a blog website? The account helped me a acceptable deal. I had been tiny bit acquainted of this your broadcast provided bright clear idea
The other day, while I was at work, my cousin stole my iPad and tested to see if it can survive a 25 foot drop, just so she can be a youtube sensation. My apple ipad is now destroyed and she has 83 views. I know this is entirely off topic but I had to share it with someone!
Perfect piece of work you have done, this web site is really cool with wonderful info.
Have you ever considered writing an ebook or guest authoring on other websites? I have a blog based on the same topics you discuss and would love to have you share some stories/information. I know my visitors would enjoy your work. If you are even remotely interested, feel free to send me an e-mail.
Have you ever considered about adding a little bit more than just your articles?
I mean, what you say is valuable and all. But think of if you added some great visuals or videos to give your posts more, “pop”!
Your content is excellent but with pics and clips,
this website could certainly be one of the greatest in its field.
Terrific blog!