October 14, 2016
Hacked Smart Devices Are Being Used To Launch Web Attacks
Much has been written about the explosion in the size of the Internet of Things: a dizzying and rapidly growing collection of internet-connected objects that we use to make our lives more convenient. These days, you can find smart versions of everything from televisions to refrigerators, video cameras, home security systems, thermostats and more.
The unfortunate problem, however, is the fact that almost none of these devices have even rudimentary security measures in place. Even a hacker with a limited skill set could easily take control of these devices, and that’s precisely what’s been happening.
Recently, French-based hosting provider OVH fell victim to the largest DDOS attack ever recorded. At its peak, the attack pushed more than one terabyte per second of traffic toward the company’s servers. Subsequent investigation has revealed that a botnet numbering more than 150,000 slaved internet objects participated in the historic attack.
Unfortunately, this will not be the last time we see attacks of this type or magnitude. In fact, it won’t be long before we look back on the days of attacks of this size with a sense of wistfulness.
The reason is simply that the various manufacturers who make smart devices have, to this point, shown little to no interest in making their devices more secure. Until and unless that changes, these devices will remain the low-hanging fruit of the internet.
Since these devices are so easily captured and slaved, we can only expect that botnets will continue to grow in size, which means that the attacks they are used in are only going to increase in both size and intensity. That’s bad news for small to medium sized business owners, because it’s much easier for a hacker to increase the size of his botnet than it is for IT managers to increase their ability to withstand their attacks. We must secure the Internet of Things. Few challenges are more important, or more daunting.