Several internet sites and companies were hit with a series of record-setting DDoS attacks, which were carried...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
out using a botnet of internet-connected devices infected with IoT malware. The devices included home security devices, routers, DVRs and cameras. How do these IoT devices get infected with malware? Are there any best practices for securing IoT devices?
The distributed denial-of-service (DDoS) attacks in late 2016 demonstrated a significant effect on enterprises and the internet at large.
DDoS attacks have increased in volume over the last year -- the Dyn domain name system (DNS) attack by the Mirai botnet of compromised internet of things (IoT) devices peaked at 1.2 Tbps. There was significant collateral damage on major cloud services that used Dyn for DNS. Other victims of IoT botnet DDoS attacks include infosec journalist Brian Krebs' website and the European web hosting firm OVH. A Symantec report found a dozen different IoT malware families infecting IoT devices.
The call to secure IoT devices continues to gain attention, as it has been demonstrated that IoT insecurity has a far reaching impact on the internet.
Internet-connected devices typically get infected by IoT malware because users maintain insecure default configurations and default accounts. While the use of defaults has long been an issue with most endpoints, they have typically been behind firewalls that provided a minimal level of protection.
There are many best practices for developing and deploying IoT devices, but a first step would be to restrict inbound network access from the internet and to change default passwords. Companies should also monitor outbound network traffic for any signs that their routers or IoT devices have been compromised and are being used for DDoS attacks or for routing suspicious traffic.
Learn how bad password security contributed to the Mirai IoT botnet DDoS attacks
Find out how to prevent IoT attacks beyond having network-level defenses
Discover how enterprises can prepare for the growing challenges and risks of IoT
Dig Deeper on DDoS attack detection and prevention
Related Q&A from Nick Lewis
The Fruitfly Mac malware has decades-old code, but has been conducting surveillance attacks for over two years without detection. Expert Nick Lewis ...continue reading
A Gmail phishing attack brought users to fake login pages designed to look like Google's. Expert Nick Lewis explains how users can prevent similar ...continue reading
A HummingBad malware variant, HummingWhale, was discovered being spread through 20 apps on the Google Play Store. Expert Nick Lewis explains the ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.