DDoS Side Effects
The new attack du jour as of late has been the DDoS. These recent attacks have used significantly the IoT devices to magnify the attack effects. This was devastating, in the short-term, to the targets. One of these was Twitter.
This mode has been a viable attack vector for years. This is not new. The attacks though years ago focused on renting bots or taking over other nodes, i.e. consumer equipment and possibly commercial. These new attacks implemented IoT devices. These would have ranged from light bulbs to refrigerators and other connected devices in the consumer’s home.
This has highlighted again the lack of cyber-security in the IoT devices. These were engineered for one purpose-the consumer does not have to touch the lamp to turn it on or off and lights can be programmed to become brighter when your favorite college football team scores, the temperature in the house is regulated by the connected thermostat based on when the consumers are present, etc.
The one aspect that largely has been ignored during the design and implementation, cyber-security, is one of the most important. This may be due to the limits of available size for certain hardware or the engineering focus being the experience and security would be applied later.
This lack of security application has allowed certain attackers the ability to leverage this to exponentially increase the magnitude of the DDoS attacks. This should be addressed much earlier in the development. With bypassing this, the IoT industry has allowed itself, intentionally, to be used by deviants as a tool to use for their own needs. The engineers in development had a binary path with the security – intentionally not design this into the product and hope no one notices all of the devices that could be taken over or in the alternative had no idea that security should be implemented even when cyber-security is in the news quite frequently and he negative effects of not having security in place being well-publicized.
Either route has the same issues and vulnerabilities. This needs to be addressed ASAP and updates sent over the air (OTA) to correct this. Until this is done, the attacks using these will continue. The 1T/second DDoS attack may become normalized.
About the Author - Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.