
The Internet of Things, a secret Botnet Army and you

The Internet has revolutionised the way we live, the way we do business, the way we stay "connected". Since the birth of the Internet, technological advances have allowed us to mobilise our communications, automate everyday activities, enhance user experience and create an interconnected world in which we have come to rely on the Internet of Things.

When you begin to consider the tens of millions (or more) of "things" that allow us to maintain this interconnected network, you get a sense as to how vast the issue of securing the Internet of Things really is.

For example, Internet-based home automation, such as video baby monitors, remote thermostat programming, home surveillance and security kits, connected lighting products (and the list goes on), is transforming how we manage our day-to-day lives. Remote management of these devices, through smartphones, online portals and the like, has extended to every home, car, business, building and system in the world. While one can argue that the "IoT" is overused, misunderstood, a fad or perhaps a growth spurt in the evolution of technology, the increasing issue is the security of this phenomenon.

What we don’t hear about as often is how these vulnerable devices are the next frontier for cyber attackers. The average user of connected devices, whether that be your smart home, smart appliances, smart car or smart office, does not typically pay close attention to software updates or critical patching schedules or, as a matter of fact, quite understand how these devices are connected or share data. How the human component contributes to an overall lack of security of the IoT is often underestimated.

DDoS, IoT, and you

In the case of distributed denial-of-service (DDoS) attacks, the reality is that any device, infrastructure, application etc. that is connected to the Internet is at risk of attack or, even more worrisome, of being recruited as a bot in an army used in DDoS attacks against unsuspecting victims. Statements made earlier this year by FBI Assistant Director Joseph Demarest indicate a major increase in botnet activity. "The use of botnets is on the rise. Industry experts estimate that botnet attacks have resulted in the overall loss of millions of dollars from financial institutions and other major US businesses," he said. The advent of IoT will only exacerbate this problem as it introduces billions of new potential bots.

[Image: DDoS, how to. Caption: Imagine this but with toasters, ovens and baby monitors as the attackers]

Commonly used DDoS toolkits abuse Internet services and protocols that are available on open or vulnerable servers and devices to create a class of attacks, known as amplification DDoS attacks, that are virtually impossible to trace back to the originating attacker. This raises serious concerns that this new type of attack surface could become wildly out of control in very short order. The magnitude of focused volumetric amplification DDoS attacks that exploit vulnerable Internet servers has recently been increasing to the point where attacks exceeding 100 Gbps are no longer rare. We’ve already seen that the size and sophistication of the attacks are increasing at a rapid pace, as evidenced by the recently dubbed largest ever cyberattack on Pro-Hong Kong websites, where the attack reached 500 Gbps.
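A defender-side illustration of the paragraph above, added here and not part of the original article: amplification depends on a device sending far larger responses than the requests it receives, so a gateway can flag local devices whose outbound UDP reply volume dwarfs the inbound request volume. The flow records, network range and thresholds are constructed assumptions.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

LOCAL_NET = ip_network("10.0.0.0/24")  # assumption: the monitored home/office LAN
MIN_RATIO = 5.0          # assumption: flag when replies are >= 5x the requests
MIN_OUT_BYTES = 10_000   # assumption: ignore small exchanges

# Constructed UDP flow records: (src_ip, src_port, dst_ip, dst_port, bytes)
FLOWS = (
    # A device answers many small queries that all claim to come from one address.
    [("203.0.113.9", 40000 + i, "10.0.0.20", 1900, 130) for i in range(10)]
    + [("10.0.0.20", 1900, "203.0.113.9", 40000 + i, 3100) for i in range(10)]
    # A laptop makes one ordinary lookup and receives the reply.
    + [("10.0.0.5", 53124, "192.0.2.53", 53, 70),
       ("192.0.2.53", 53, "10.0.0.5", 53124, 420)]
)


def is_local(ip):
    return ip_address(ip) in LOCAL_NET


def find_reflectors(flows):
    """Return local (host, port) services whose replies dwarf the requests."""
    stats = defaultdict(lambda: {"in": 0, "out": 0, "peers": set()})
    for src, sport, dst, dport, nbytes in flows:
        if is_local(dst) and not is_local(src):      # request reaching a device
            entry = stats[(dst, dport)]
            entry["in"] += nbytes
            entry["peers"].add(src)
        elif is_local(src) and not is_local(dst):    # reply leaving a device
            stats[(src, sport)]["out"] += nbytes

    findings = []
    for (host, port), s in sorted(stats.items()):
        if s["in"] == 0 or s["out"] < MIN_OUT_BYTES:
            continue  # one-way or low-volume traffic is not treated as reflection
        ratio = s["out"] / s["in"]
        if ratio >= MIN_RATIO:
            findings.append({"host": host, "port": port,
                             "ratio": round(ratio, 1),
                             "claimed_sources": sorted(s["peers"])})
    return findings


if __name__ == "__main__":
    for f in find_reflectors(FLOWS):
        print(f)
```

The thresholds are starting points only; legitimate one-sided UDP traffic on a given network may need them tuned.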

We’ve not yet reached the top of the maturity curve with DDoS attacks, and as these threats continue to grow in size, it is likely that 2015 will see the dawn of terabit-scale DDoS attacks – that’s if they are not already occurring. At the moment, more often than not, the majority of organisations lack the technology to effectively record attacks of this magnitude, so we are left with the impression that attacks of this size simply are not occurring.

Looking forward

Unless Internet service providers take intentional measures to deal with this class of attack, it is almost unthinkable to consider the scale and destruction that could be perpetrated by exploiting even a small fraction of the anticipated billions of IoT devices that will be deployed in the coming years.

These home automation solutions are not managed by Internet security teams, or 24/7 support staff patching and ensuring that these devices are free from potentially exploitable security vulnerabilities. The IoT is breeding its own army of botnets – it will be interesting to see how this plays out in 2015.

By Dave Larson, CTO of Corero Network Security. You can follow Corero on Twitter @Corero.

Image credit: CloudFlare