IoT is Causing a Dyn

by Lauren Ascroft on 25 Aug 2017

IoT

The Internet of Things (IoT) is growing at a rapid pace, with manufacturers of everything from fridges to jeans coming under pressure to quickly provide new connected products. McKenzie & Company predicts the annual growth rate of IoT devices to be about 33 percent, with Garner forecasting an additional 21 billion endpoints will be in operation by 2020.

Whilst early media coverage was focused on how the IoT was going to enrich our lives, last October their tune somewhat changed with the IoT born distributed denial of service (DDoS) attack on the global domain name system (DNS) server Dyn.

The attack coordinated bombarding the Dyn server with traffic until it collapsed under the strain, resulting in the websites for Twitter, the Guardian, Netflix, Reddit, CNN and many others going offline. What made the DDoS attack unique at the time is that the primary source of malicious attack traffic wasn’t from a typical botnet of computers, but  largely made up of an army of infected IoT devices. In the aftermath, Dyn itself estimated that the attack had involved 100,000 malicious endpoints, and said the extraordinary attack strength was some 1.2Tbps – roughly twice as powerful as any previous DDoS attack on record.

The Dyn attack was a stark warning for many. Previously, IoT devices were added to a network with their factory-set login and passwords remaining unchanged as they were not deemed a threat. However, post-Dyn, a record of the credentials of numerous popular IoT devices has been leaked on the dark web for all to see, meaning the attack vector needs to be closed before it is too late.

It is somewhat ironic that one of the benefits of IoT technology – the fact that you can just plug it in and it works – is the very reason why IoT devices have become so dangerous to a corporate network. The problem is that manufacturers have have rushed product to market.  These products have been developed by teams who have focused on functionality and have fallen into the trap of using protocols that have not been thoroughly vetted from a security standpoint.

The risks posed by IoT devices are unfortunately here to stay. Here are some tips every organisation should consider, to help ensure employees, partners and customers remain safe:

1. Deploy a new Wireless Intrusion Prevention System (WIPS) that can easily isolate rogue access points and stop man-in-the-middle (MiTM) attacks in real time.

2. Use Wi-Fi network segmentation to separate guest and private networks.

3. Use policies to segment IoT devices away from guest and private networks.

4. Use a Unified Threat Management (UTM) appliance to secure the traffic as it traverses each network segment.

If you would like more information please contact the Rockford team here… or call us on 0333 101 9000 – Option 1.

Thanks for reading all the way to the end!
We'd love 'it' if you shared this article.

I'm looking to support 'it'

Installing, maintaining and configuring a Watchguard Product.

Expert Configuration, Emergency 24/7 Support

Help Me

I'm looking to buy 'it'

Firewall, Unified Threat Management (UTM), Wireless and Virtual Solutions.

Help me Choose

Show Me