- Tim Wellham
Dangers of IoT
The Oct. 21st 2016 DDoS attack on the domain name servers of DYN has been the recent topic of many articles lately. The attack left many websites offline for several hours. What I would like to focus on here is what we can do to prevent such attacks. First off this attack was a series of attacks that happened during the day starting at 7am Eastern time. Highly distributed, the attack involved 10s of millions ip addresses.
IoT devices infected with the Mirai botnet, which has it’s source code now published on the Internet, were part of the attack. DDoS (Distributed Denial of Service) may be the first way that IoT has been used for attacks, but it has the potential for more. They can sometimes be used as an entry point to the networks they are on.
So how can we stop these simple yet still smart devices from attacking us? First step to solving a problem is to identity what the problem is. And now that we’re aware of the problem we can address this issue. The most important steps are going to have to be done by manufacturers of the devices. First they need to be able to be securely upgraded. The update should be encrypted, signed, and done often to improve the security of the devices. The manufacturers and the developers should make security a priority. The manufacturers need to inform their customers of all the steps they should take to keep the IoT devices secure.
We need to know, as users of these devices, what they needs access to and only allow it to have that which is needed. In other words block all unnecessary access. This should be done in our entire network. Block all unnecessary protocols and make sure routers dump any junk packets. Another good way to protect our network is to separate these devices to a guest network.
Also many devices come with a default password issued by the manufacturer that can easily be obtained by the company’s website. Always pick secure passwords. Choose passwords that are different for each device that is connected.
All devices, everything connected to a network, need to be monitored for the amount of access being used. A device using more network access than normal is a indication of a problem. As more and more things become connected, we need to be aware of all the ways we can protect the products we buy as well as ourselves.
Good luck and stay safe.
