In the week of September 19, the France-based web hosting provider OVH was the victim of the largest Distributed Denial of Service (DDoS) attacks the internet has known to date. The attacks reached over 1 Tbps of traffic. According to the founder and CTO Klaba, the DDoS attack were launched via hacked internet-connected cameras and digital video recording devices. The massive attack was carried out via a network of over 150,000 devices.
IoT is playing a big part in society nowadays, they are integrated in, for example, our houses, organizations and hospitals. Since the amount of IoT and connected devices is growing rapidly, the number of entry points for attackers increases more and more. These IoT devices or other devices such as routers, security cameras, DVRs, smart fridges, thermostats and even lightbulbs that are connected to the internet, can be easily infected. The functioning mechanism is usually not very complex and the devices cannot be scanned with antivirus software, and the devices are vulnerable or poorly configured. They are routinely being hacked and used to launch cyber attacks, the growing amount of connected devices exacerbates the issues of more and more DDoS attacks.
Since there are so many entry points for hackers provided by connected devices, people are vulnerable of becoming a member of a botnet. What we can do to prevent this from happening is making sure that our devices are not connected to the internet all the time and to change passwords.
The remaining question is how necessary it is to have devices such as lightbulbs, fridges or video recorders connected to the internet. The rapidly growing amount of IoT and other connected devices does certainly not go hand in hand with security.
What do you think, is it needed to have so many devices connected to the internet?
Sources:
http://thehackernews.com/2016/09/ddos-attack-iot.html
http://techviral.com/hackers-creates-history-launches-worlds-largest-1tbps-ddos-attack/
http://securityaffairs.co/wordpress/51726/cyber-crime/ovh-hit-botnet-iot.html
https://www.hackread.com/internets-largest-1tbps-ddos-attack-iot-devices/
Dear Anneke, thank you for your blog! I agree that for me, not that many devices have to be connected to the internet. However, some people seem to find it convenient to be able to control electronics through the internet, making more and more devices connected. While I think this trend will continue to grow, I also believe this should go hand in hand with improving cybersecurity. One thing you mentioned to prevent this is to regularly update passwords, which I believe a lot of people do not do. Hence, with the increase in devices connected to the internet, all parties involved should promote the security of these devices. I think a lot of people do not see harm in not changing their password, nor do they think they will be cyberattacked. Maybe by making people more aware, less attacks have the potential of happening.