IT Security: The Many Risks Involved in the Internet of Things

IoT devices and industrial machinery are increasingly targeted by professional cyber-attacks, especially DDoS attacks. Preventing this kind of attack is the companies’ responsibility.

The internet of things opens up new opportunities. Smart factories with connected industrial machines, smart cities with trailblazing innovations and smart homes with next-generation appliances and everyday items designed to make our lives easier are emerging. Looking at the industrial context, besides connected manufacturing facilities, the digitization of business processes involves the rise of cloud applications. The number of native cloud applications rose from 20,400 in October 2014 to 220,000 in October 2016.

But there is a dark side to this brave new connected world. If they’re unprotected, IoT devices can be hijacked for cyber-attacks, which are often directed against the devices themselves. By 2020 it is expected that 25% of cyber-attacks will target IoT devices.  One of the most popular methods of cyber-attack is and will be the DDoS attack.

The situation – a dramatic rise in DDoS attacks

In 2017, the number of IoT devices in use passed the 8-billion mark. More and more of them are getting infected. Botnets are multiplying.

According to the latest surveys, almost half of businesses are concerned about their IT security.  2 thirds of decision-makers in IT expect a DDoS attack within the next 2 years.  Almost all of them fear disastrous consequences for their companies if a DDoS attack hits. Those security concerns are justified: in the past 6 months, the number of DDoS attacks detected and fended off by the Link11 Security Operation Center has risen by more than a third compared to the previous half year , a figure only likely to increase.

The threat – the Mirai botnet and its myriad versions

The Mirai botnet, now known around the world, was the first of its kind to piggyback on the IoT’s rise, using it to launch DDoS attacks. For this purpose, vulnerabilities in the IoT devices’ standard factory software are exploited. In late 2017, 3 US students admitted to having written and spread the Mirai malware. Mirai is still one of the largest and most dangerous botnets on a global level and was behind some of the most severe criminal DDoS attacks in modern history.

Currently, a great number of botnets of different types is in circulation, all based on the Mirai code. These are the most common of the newer botnets:

The Persirai botnet

The attackers use the Persirai botnet to exploit several security flaws of IP cameras. 1,250 different models by a Chinese manufacturer producing cameras for numerous western brands are affected. The

IoTroop botnet

The IoTroop botnet is primarily tuned into smart homes. It targets routers, surveillance cameras, NAS systems and DVRs. The exploit uses vulnerabilities on the firmware level.

The Hajime botnet

Hajime is a particularly insidious piece of malware, which successfully closes up ports previously used for Mirai attacks on the one hand, but also opens several others to build its own botnet. The Hajime software wields considerable destructive power as it’s extremely adaptable and can quickly adjust to new features – even updates – introduced to the affected devices.

These are just a handful of examples of extant botnets. New versions are constantly under development. Each new weak spot, once found, can and likely will be used to create new malware designed to turn internet-enabled devices in connected systems into weapons for DDoS attacks.

The method – objectives of DDoS attacks

DDoS attacks based on IoT devices are particularly vicious as they can hit any part of a company. For example, DDoS attacks may:

• Deactivate individual computers, specific services or even entire networks
• Affect specific hardware systems such as alarm systems, laptops or phones
• Impair individual system resources such as routing data, bandwidth or memory capacity
• Introduce malware designed to cause errors in computers’ micro-code or processor functions
• Permanently damage the entire operating and control system

The likelihood of a coordinated attack using multiple DDoS vectors is very high at 45 %.  A coordinated DDoS attack causes severe damage whose true extent only becomes apparent to the targeted company with time.

IoT security – an important investment in the future

In order to provide efficient protection from IoT-based DDoS attacks, there must be a focused effort to upgrade IoT security. Dedicated security investments prevent unauthorized external access and make IoT devices botnet-proof.

To protect their own devices from being exploited, businesses should at least:

• Change the standard settings as often as possible
• Use strong authentication processes and passwords
• Set up state-of-the art device scans

However, these basic measures are not enough. One of the most effective defense mechanisms against IoT attacks is a DDoS protection solution that checks and filters data traffic before it even reaches the company’s network.

In an increasingly connected world, the significance of IT security is also increasing. It is more and more important for companies to take efficient measures like DDoS protection solutions to provide comprehensive protection for their own as well as their customers’ data.