Getting To Grips With DDoS Attacks In An IoT World

Build your front line against the Botnet Army


Distributed Denial of Service (DDoS) attacks jumped into mainstream consciousness last year after several high-profile cases. The most widely reported was the Dyn takedown, which was performed using poorly secured and hijacked IoT devices.

A DDoS attack occurs when an attacker floods a targeted network with superfluous traffic until it overwhelms the servers, denying access to legitimate traffic. These attacks are increasing both in number and in scale: 2016 saw a 138% year-on-year increase in the total number of attacks greater than 100 Gbps.

IoT is the new battleground

The Dyn attack used the Mirai botnet, which scanned for IP devices protected only by factory-set defaults or hard-coded usernames and passwords. Once hijacked, a device becomes part of a botnet, which bombards targets with malicious traffic.

With the number of connected devices rapidly increasing - 20bn devices by 2020 - what steps can businesses take to protect themselves?

First: contain the threat

A key development for managing networks and their web of connected devices is IoT containment. This approach creates virtual isolated environments, grouping selected connected devices and authorized users into a specific container. Each container ensures the right conditions for devices to operate properly by enforcing Quality of Service rules that can reserve or limit bandwidth, prioritize mission-critical traffic and block undesired applications.

IoT containers can be created for individual departments within a business, creating isolated environments while still having a single physical network. Each container’s ‘network’ of devices would be limited to authorized personnel and be invisible to devices outside of the container. This way if one container is compromised, the others stay isolated from that threat.
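
The containment model described above can be sketched as a small policy evaluator. This is an added example, not vendor code; the container names, endpoints, applications and the one-container-per-endpoint rule are assumptions made for illustration.

```python
# Added illustration: minimal model of IoT containment. All names are hypothetical.
from dataclasses import dataclass

@dataclass
class Container:
    name: str
    members: frozenset                      # devices and authorized users
    blocked_apps: frozenset = frozenset()   # undesired applications
    priority_apps: frozenset = frozenset()  # mission-critical traffic
    limit_kbps: int = 0                     # per-flow bandwidth cap, 0 = none

class ContainedNetwork:
    """One physical network split into isolated virtual containers."""
    def __init__(self, containers):
        self.home = {}
        for c in containers:
            for m in c.members:
                if m in self.home:  # assumption: one container per endpoint
                    raise ValueError(f"{m} is already in {self.home[m].name}")
                self.home[m] = c

    def visible_to(self, endpoint):
        """Endpoints this one can see: only its own container's members."""
        c = self.home.get(endpoint)
        return set() if c is None else set(c.members) - {endpoint}

    def decide(self, src, dst, app, kbps):
        """Return (verdict, granted_kbps) for one flow; default is deny."""
        c = self.home.get(src)
        if c is None or self.home.get(dst) is not c:
            return ("deny", 0)              # unknown or cross-container
        if app in c.blocked_apps:
            return ("deny", 0)
        if app in c.priority_apps:
            return ("prioritize", kbps)     # mission-critical: never capped
        if c.limit_kbps and kbps > c.limit_kbps:
            return ("limit", c.limit_kbps)
        return ("allow", kbps)

# Constructed sample: two departments sharing one physical network.
facilities = Container("facilities", frozenset({"cam-1", "hvac-1", "fm-admin"}),
                       blocked_apps=frozenset({"telnet"}),
                       priority_apps=frozenset({"hvac-control"}), limit_kbps=2000)
finance = Container("finance", frozenset({"pos-1", "pos-2", "fin-admin"}),
                    priority_apps=frozenset({"payments"}))
net = ContainedNetwork([facilities, finance])

if __name__ == "__main__":
    print(net.visible_to("cam-1"))                          # what a hijacked camera can see
    print(net.decide("cam-1", "pos-1", "http", 50000))      # cross-container flow
    print(net.decide("cam-1", "fm-admin", "video", 8000))   # flow over the cap
```

If cam-1 is hijacked, the only endpoints it can see or reach are the other members of the facilities container, and its traffic there is still subject to that container's bandwidth cap and application blocks.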

Second: protection at the switch

Businesses should ensure switch vendors are taking the threat seriously, with procedures to maximize hardware protection. A good approach can be summed up in a three-pronged strategy.

  • Ensure the switch operating system is verified by third-party security experts - look at manufacturers which have ongoing relationships with leading industry security experts
  • Scramble object code within the switch’s memory - this prevents a hacker from attacking multiple switches, as the sections of open source code would be unique
  • Download the official operating system from the vendor’s secure servers - this reduces the risk of a switch being tampered with before delivery

Third: simple things to secure smart things

As well as establishing a more secure core network, there are simple precautions you can take right now to enhance device protection.

  • Change the default password - a very simple and often overlooked procedure
  • Update the software - stay up-to-the-minute with the latest updates and security patches
  • Prevent remote management - disable the remote management protocols, such as Telnet or HTTP, that provide control from another location

Evolve your network

The Internet of Things has great transformative potential for businesses in all industries. But with any new wave of technical innovation come new challenges. We are at the beginning of the IoT era, which is why it’s important to get the fundamental network requirements in place, not only to support the increase in data traversing our networks but also to minimize risk from cyber-attacks.

