ilolab - Fotolia
Several internet sites and companies were hit with a series of record-setting DDoS attacks, which were carried out using a botnet of internet-connected devices infected with IoT malware. The devices included home security devices, routers, DVRs and cameras. How do these IoT devices get infected with malware? Are there any best practices for securing IoT devices?
The distributed denial-of-service (DDoS) attacks in late 2016 demonstrated a significant effect on enterprises and the internet at large.
DDoS attacks have increased in volume over the last year -- the Dyn domain name system (DNS) attack by the Mirai botnet of compromised internet of things (IoT) devices peaked at 1.2 Tbps. There was significant collateral damage on major cloud services that used Dyn for DNS. Other victims of IoT botnet DDoS attacks include infosec journalist Brian Krebs' website and the European web hosting firm OVH. A Symantec report found a dozen different IoT malware families infecting IoT devices.
The call to secure IoT devices continues to gain attention, as it has been demonstrated that IoT insecurity has a far reaching impact on the internet.
Internet-connected devices typically get infected by IoT malware because users maintain insecure default configurations and default accounts. While the use of defaults has long been an issue with most endpoints, they have typically been behind firewalls that provided a minimal level of protection.
There are many best practices for developing and deploying IoT devices, but a first step would be to restrict inbound network access from the internet and to change default passwords. Companies should also monitor outbound network traffic for any signs that their routers or IoT devices have been compromised and are being used for DDoS attacks or for routing suspicious traffic.
Learn how bad password security contributed to the Mirai IoT botnet DDoS attacks
Find out how to prevent IoT attacks beyond having network-level defenses
Discover how enterprises can prepare for the growing challenges and risks of IoT
Dig Deeper on Malware, virus, Trojan and spyware protection and removal
Related Q&A from Nick Lewis
Cisco Talos' Thanatos ransomware decryptor can recover files affected by new ransomware that won't decrypt ransomed files even when a ransom has been... Continue Reading
A phishing campaign targeting Trezor wallets may have poisoned DNS or hijacked BGP to gain access. Learn how the attack worked and how to mitigate it... Continue Reading
Okta researchers found a bypass that allows macOS malware to pose as signed Apple files. Discover how this is possible and how to mitigate this ... Continue Reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.