https://www.iotworldtoday.com/wp-content/themes/ioti_child/assets/images/logo/footer-logo.png
  • Home
  • News
    • Back
    • IoT World 2020 News
  • Strategy
  • Special Reports
  • Galleries
  • Business Resources
    • Back
    • Webinars
    • White Papers
    • Industry Perspectives
    • Featured Vendors
  • Other Content
    • Back
    • IoT World 2020 News
    • Q&As
    • Case Studies
    • Features
    • How-to
    • Opinion
    • Video / Podcasts
  • More
    • Back
    • About Us
    • Contact
    • Advertise
    • Strategic Partners
  • IOT World Events
    • Back
    • Internet of Things World: San Jose
    • IoT World 2020 News
Iot World Today
  • NEWSLETTER
  • Home
  • News
    • Back
    • IoT World 2020 News
  • Strategy
  • Special Reports
  • Galleries
  • Business Resources
    • Back
    • Webinars
    • White Papers
    • Industry Perspectives
    • Featured Vendors
  • Other Content
    • Back
    • IoT World 2020 News
    • Q&As
    • Case Studies
    • Features
    • How-to
    • Opinion
    • Video / Podcasts
  • More
    • Back
    • About Us
    • Contact
    • Advertise
    • Strategic Partners
  • IOT World Events
    • Back
    • Internet of Things World: San Jose
    • IoT World 2020 News
  • newsletter
  • IIoT
  • Cities
  • Energy
  • Homes/Buildings
  • Transportation/Logistics
  • Connected Health Care
  • Retail
  • AI
  • Architecture
  • Engineering/Development
  • Security
ioti.com

Security


1903.png

Who Will Save Us When the Bots Take Control?

As the IoT grows, the vulnerability of its devices grows too, with larger DDoS attacks becoming increasingly likely. Luckily, there's a solution in place so these devices do not need to be recalled.
  • Written by Roger Ordman
  • 15th June 2017

On October 21, 2016 the world was attacked by robots! I am not talking about Skynet and I don't expect the Terminator to come to our rescue. I am referring to the denial-of-service (DoS) attacks on Dyn performed by the Mirai botnet.

The attack targeted systems operated by Domain Name System (DNS) provider Dyn which made major Internet platforms and services such as Airbnb, Amazon.com, BBC, CNN, Electronic Arts, GitHub, Netflix, The New York Times, PayPal, Twitter, Verizon Communications, Visa, The Wall Street Journal and Xbox Live unavailable to large swathes of users in Europe and North America.

How was this accomplished? The distributed denial-of-service (DDoS) attack was accomplished through a large number of DNS lookup requests from tens of millions of IP addresses. These are believed to have been executed through a botnet consisting of a large number of Internet-connected devices — such as printers, IP cameras, residential gateways and even baby monitors — that had been infected with the Mirai malware. With an estimated load of 1.2 terabits per second, the attack is, according to experts, the largest DDoS on record.

Mirai scours the web for IoT devices protected by little more than factory-default usernames and passwords, and then enlists the devices in attacks that hurl junk traffic at an online target until it can no longer accommodate legitimate visitors or users.

It's possible to clean an IoT system infected by Mirai, but the botnet scans systems so often that there's a high chance of recurrence. You can destroy the malicious code by rebooting the device, but experts warn that vulnerable IoT devices can be re-infected in minutes. And this is bad news as Gartner Inc. projects connected devices to rise to 6.4 billion worldwide in 2016 with almost 5.5 million devices being connected daily.

Telecommunications company Level 3 advised users to upgrade devices and set strong passwords, according to the Wall Street Journal. But this is easier said than done. Even if the device has a configurable username and password changing it is not straight forward as the devices do not usually have neither a screen nor a keyboard and requires the device to be hooked up to a PC and then accessed. In some of the devices the username and password are hardcoded into the firmware requiring a software update to reset them.

And here we have it, without the use of an OTA Update solution all these devices will need to be recalled (Chinese electronic firm Hangzhou XiongMai said it will recall some of its IoT devices) or run the risk of continuing to be used as a host for any type of malicious botnet code. With an OTA Update solution in place the new code can be efficiently and securely delivered and installed to any device, anywhere in the world in a matter of hours.

Fixing cybersecurity vulnerabilities is not the only benefit that device manufacturers and service providers benefit from with an OTA Update system because an OTA system generates a real-time and updated database of all the connected devices and their software inventory. This knowledge is the basis for usage statistics, maintenance and feature upgrades keeping the devices safe and up-to-date throughout their life-cycle.

We will not be judged upon issues that occur with our devices but rather by our ability to address them… without having to depend on a Terminator coming back from the future to save us!

Tags: Article Security Strategy Technologies

Related


  • IoT security
    IoT Device Security: Risk Assessment, Hygiene Are Key
    As devices and data proliferate at the edge of the network, IT pros have encountered new challenges in securing enterprise IT systems.
  • Five Principles in a Zero-Trust Security Approach to IoT
    IoT devices have created vulnerability for IT networks, but a zero-trust security approach can lock down attack vectors. Here are five key principles.
  • Tactics for Successfully Selling IoT Technologies
    While this year has proven the value of digitization, many enterprises need persuasion. Experts discuss strategies for successfully selling IoT.
  • LynxSecure Datasheet
    LynxSecure is a tiny separation kernel that can be programmed to partition a modern processor into secure virtual environments. It is not RTOS. It is not a traditional hypervisor. It is smaller than a microkernel (as small as 15Kb). LynxSecure requires and leverages the hardware virtualization capabilities of certain modern CPUs to (1) establish secure […]

Leave a comment Cancel reply

-or-

Log in with your IoT World Today account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Related Content

  • Kudelski IoT Labs Fact Sheet
  • Cybersecurity Crisis Management During the Coronavirus Pandemic
  • In Industrial Realm, Trustworthy Software Means Safety
  • Integrating Analog Controls into IIoT Systems

News

View all

Private LTE Market Projected to Grow to $13 Billion

12th January 2021

IoT World Announces 2021 IoT World Advisory Board

9th December 2020

White Papers

View all

Zero Trust Manufacturing: Navigating Complex Supply Chains to Build Trusted IoT Devices

27th January 2021

IoTConnect and How to Get Started

27th January 2021

Special Reports

View all

Cybersecurity Protection Increasingly Depends on Machine Learning

28th October 2020

Webinars

View all

Weber’s Journey: How a Top Grill Maker Serves Up Connected Cooking

25th February 2021

From Insights to Action: Best Practices for Implementing Connected Device Security

15th December 2020

Galleries

View all

Top IoT Trends to Watch in 2020

26th January 2020

Five of the Most Promising Digital Health Technologies

14th January 2020

Industry Perspectives

View all

IoT Spending Holds Firm — Tempered by Dose of ‘IoT Pragmatism’

1st December 2020

The Great IoT Connectivity Lockdown

11th May 2020

Events

View all

IoT at the Edge

17th March 2021

Embedded IoT World 2021

28th April 2021 - 29th April 2021

IoT World 2021

2nd November 2021 - 4th November 2021

Twitter

IoTWorldToday, IoTWorldSeries

#IoTpentesting is critical as #IoTdevices proliferate and #edgecomputing becomes the norm. dlvr.it/RrWr0Y https://t.co/LsMH1VJJFk

28th January 2021
IoTWorldToday, IoTWorldSeries

Zero Trust Manufacturing: Navigating Complex Supply Chains to Build Trusted IoT Devices dlvr.it/RrTDP4 https://t.co/fuH0GrHJrX

27th January 2021
IoTWorldToday, IoTWorldSeries

PKI: The Solution for Designing Secure IoT Devices dlvr.it/RrTDNF https://t.co/KBWcsksAQi

27th January 2021
IoTWorldToday, IoTWorldSeries

Five Guiding Tenets for IoT Security dlvr.it/RrTDGS https://t.co/Ss17Vn4sFw

27th January 2021
IoTWorldToday, IoTWorldSeries

📢 Announcing #EIOTWORLD Silver Sponsor @ONETech_AI! 💡 Learn more about sponsoring Embedded IoT World here:… twitter.com/i/web/status/1…

27th January 2021
IoTWorldToday, IoTWorldSeries

IoTConnect and How to Get Started dlvr.it/RrT1gl https://t.co/6Vci1hvOV2

27th January 2021
IoTWorldToday, IoTWorldSeries

RT @IoTWorldToday: #IoTsecuritytrends in 2021 will feature new threats given #remotework, #digitalhealth and #edgecomputing. https://t.co/S…

27th January 2021
IoTWorldToday, IoTWorldSeries

#IoTsecuritytrends in 2021 will feature new threats given #remotework, #digitalhealth and #edgecomputing.… twitter.com/i/web/status/1…

25th January 2021

Newsletter

Sign up for IoT World Today newsletters: vertical industry coverage on Tuesdays and horizontal tech coverage on Thursdays.

Special Reports

Our Special Reports take an in-depth look at key topics within the IoT space. Download our latest reports.

Business Resources

Find the latest white papers and other resources from selected vendors.

Media Kit and Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • IoT World Series
  • Channel Futures
  • RISC-V
  • Dark Reading
  • ITPro Today
  • Web Hosting Talk

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Login/Register

FOLLOW IoT World Today ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookies Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X