IoT Attacks Against Big Cloud Business
(FYI: IoT means Internet of Things)
IoT Attack Against Dyn:
One of the most widely covered cyberattacks of 2016 used IoT devices to launch a massive DDoS attack. DNS service provider Dyn estimates 100,000 endpoints flooded its architecture on Oct. 21, resulting in congestion and outages for websites such as Twitter, PayPal, Amazon, and Netflix.

To launch the attack, hackers used a botnet created with the Mirai strain of malware. Mirai scans the web for vulnerable IoT devices, infects them, and secretly persists awaiting commands from the attacker. Security cameras and DVRs allegedly comprise the bulk of infected devices in the Mirai botnet, although other hacked IoT devices, such as routers, are also present. During the IoT attack against Dyn, traffic surges from the botnet are estimated to have peaked at a record-breaking 1.2 Tbps, although this is unconfirmed.

Consider the financial and reputational damage inflicted on Dyn by the attack. Now also consider the cascading effect as services such as PayPal and Netflix were knocked offline, also hurting their reputations and bottom lines. The destructive potential of attacks that use the internet of things is clear.

Why Should You Care?
Some of the examples above cite the work of security researchers to uncover vulnerabilities and potential attacks, not cybercriminals actually launching attacks. But the threat is real – and it could be on your network.
Poorly secured firmware in thousands of routers, IP cameras, and other devices has created a vast landscape of insecure systems. Sure, your company is not likely to buy a Cayla doll for the office, but what about an IP camera? Or how about a $30 wifi router? Many of these devices are just as dangerous. Always choose devices that include software updates, and choose devices that update automatically when possible. Always change default passwords, and ban the use of such devices on networks that house sensitive data.

Filter email for spam and malware
This should go without saying – but be sure to use an effective email filter to remove dangerous and distracting messages from the inbox. Email should be filtered by geography (i.e. if you do not do business in Russia, then you should not receive emails from Russia). Also, make use of blacklists and whitelists – explicitly defining who is and who is not allowed to send inbound emails to the company.
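The sketch below shows how the blacklist, whitelist and geography rules described above can combine into a single inbound-mail decision. It is an added example, not code from the original page: the list contents, the country table (a constructed stand-in for a GeoIP database), the function names and the rule order (blocklist first, then allowlist, then geography) are all assumptions.

```python
import ipaddress

# Constructed policy for illustration; every name and value here is an assumption.
ALLOWED_SENDERS = {"partner.example", "billing@vendor.example"}
BLOCKED_SENDERS = {"spam.example", "promo@vendor.example"}
BUSINESS_COUNTRIES = {"US", "CA"}  # countries the company does business in

# Constructed stand-in for a GeoIP database, using RFC 5737 documentation ranges.
GEO_TABLE = {
    ipaddress.ip_network("192.0.2.0/24"): "US",
    ipaddress.ip_network("198.51.100.0/24"): "RU",
    ipaddress.ip_network("203.0.113.0/24"): "CA",
}

def country_of(ip):
    """Return the country code for the connecting IP, or None if unknown."""
    addr = ipaddress.ip_address(ip)
    for net, country in GEO_TABLE.items():
        if addr in net:
            return country
    return None

def matches(sender, entries):
    """True if the full address, its domain, or a parent domain is listed."""
    sender = sender.strip().lower()
    if sender in entries:
        return True
    labels = sender.rpartition("@")[2].split(".")
    # Stop before the bare top-level label so "example" alone never matches.
    return any(".".join(labels[i:]) in entries for i in range(len(labels) - 1))

def decide(envelope_sender, connecting_ip):
    """Return (action, reason) for one inbound message."""
    # Explicit block entries win, even over an allowlisted parent domain.
    if matches(envelope_sender, BLOCKED_SENDERS):
        return "reject", "sender on blocklist"
    # Explicitly allowed senders bypass the geography rule.
    if matches(envelope_sender, ALLOWED_SENDERS):
        return "accept", "sender on allowlist"
    country = country_of(connecting_ip)
    if country is None:
        return "quarantine", "origin country unknown"
    if country not in BUSINESS_COUNTRIES:
        return "reject", f"origin country {country} outside business regions"
    return "accept", "origin country permitted"
```

The decision uses the envelope sender and the connecting IP rather than the From header, because the header is set by the sender and is easy to forge.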
Need some more information? Want to speak with someone who knows a bit about network security? It’s FREE! Just call. Protecting your business against the latest cyber threats is what Team Absolute Care does. Just ask for a FREE consult or network evaluation.