
IoT malware: How can internet-connected devices be secured?

IoT botnet DDoS attacks have been growing in volume and impact. Expert Nick Lewis explains how you can ensure your internet-connected devices are secure from IoT malware.

Several internet sites and companies were hit with a series of record-setting DDoS attacks, which were carried out using a botnet of internet-connected devices infected with IoT malware. The devices included home security devices, routers, DVRs and cameras. How do these IoT devices get infected with malware? Are there any best practices for securing IoT devices?

The distributed denial-of-service (DDoS) attacks in late 2016 had a significant effect on enterprises and the internet at large.

DDoS attacks have been around for almost 20 years, and they have gotten worse as attackers have discovered new methods of conducting and sustaining these attacks.

DDoS attacks have increased in volume over the last year -- the Dyn domain name system (DNS) attack by the Mirai botnet of compromised internet of things (IoT) devices peaked at 1.2 Tbps. There was significant collateral damage on major cloud services that used Dyn for DNS. Other victims of IoT botnet DDoS attacks include infosec journalist Brian Krebs' website and the European web hosting firm OVH. A Symantec report found a dozen different IoT malware families infecting IoT devices.

The call to secure IoT devices continues to gain attention, as it has been demonstrated that IoT insecurity has a far-reaching impact on the internet.

Internet-connected devices typically get infected by IoT malware because users maintain insecure default configurations and default accounts. While the use of defaults has long been an issue with most endpoints, they have typically been behind firewalls that provided a minimal level of protection.

There are many best practices for developing and deploying IoT devices, but a first step would be to restrict inbound network access from the internet and to change default passwords. Companies should also monitor outbound network traffic for any signs that their routers or IoT devices have been compromised and are being used for DDoS attacks or for routing suspicious traffic.

Enterprises and internet service providers should ensure they have DDoS mitigation plans in place in the event they are hit with an attack. 
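The outbound monitoring recommended above can start as a simple check over flow records. The following is an added example, not part of the original article: the flow format, the IoT subnet, the thresholds and all addresses are constructed assumptions to tune against your own baseline.

```python
from collections import defaultdict
from ipaddress import ip_address, ip_network

# Constructed sample: one monitoring window of outbound flow records.
# Format (assumed): timestamp src dst dst_port proto bytes
SAMPLE_FLOWS = """\
1486000000 10.20.0.11 198.51.100.7 443 tcp 18200
1486000002 10.20.0.12 203.0.113.50 80 udp 600000
1486000003 10.20.0.12 203.0.113.50 80 udp 600000
1486000004 10.20.0.12 203.0.113.50 80 udp 600000
1486000010 10.20.0.13 192.0.2.1 23 tcp 120
1486000011 10.20.0.13 192.0.2.2 23 tcp 120
1486000012 10.20.0.13 192.0.2.3 23 tcp 120
1486000013 10.20.0.13 192.0.2.4 23 tcp 120
1486000014 10.20.0.13 192.0.2.5 23 tcp 120
1486000015 10.20.0.13 192.0.2.6 23 tcp 120
1486000020 10.30.0.5 203.0.113.50 80 tcp 5000000
"""

IOT_NET = ip_network("10.20.0.0/24")  # assumed VLAN holding cameras, DVRs, etc.
MAX_DESTS = 5                         # assumed: external hosts per device per window
MAX_BYTES_PER_DEST = 1_000_000        # assumed: bytes to one host per window

def find_suspects(flow_text):
    """Return {device_ip: [reasons]} for IoT devices with abnormal outbound traffic."""
    dests = defaultdict(set)    # device -> external hosts contacted
    volume = defaultdict(int)   # (device, host) -> bytes sent
    for line in flow_text.splitlines():
        if not line.strip():
            continue
        _ts, src, dst, _port, _proto, nbytes = line.split()
        # Only IoT devices talking to hosts outside the IoT subnet are in scope.
        if ip_address(src) not in IOT_NET or ip_address(dst) in IOT_NET:
            continue
        dests[src].add(dst)
        volume[(src, dst)] += int(nbytes)
    alerts = {}
    for src, seen in dests.items():
        reasons = []
        if len(seen) > MAX_DESTS:  # IoT devices normally talk to very few hosts
            reasons.append(f"fan-out: {len(seen)} external hosts")
        for dst in sorted(seen):
            if volume[(src, dst)] > MAX_BYTES_PER_DEST:  # possible flood source
                reasons.append(f"volume: {volume[(src, dst)]} bytes to {dst}")
        if reasons:
            alerts[src] = reasons
    return alerts
```

Feed it flow exports from the firewall or router that fronts the IoT segment, and treat any alert as a prompt to isolate the device and check for default credentials.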


This was last published in February 2017
