Page 4 - Cyber Warnings
P. 4
Will the Internet of Things Become an Internet of Attacks?
By Avi Freedman, CEO of Kentik
The Internet of Things (IoT) promises many business and lifestyle benefits from the data
gathering, communications and control capabilities of sensors and software embedded in a
huge variety of devices that have previously been mute.
That promise comes with a dark shadow, however. Distributed Denial of Service (DDoS)
attackers already have a significant advantage over those trying to defend businesses because
the Internet infrastructure industry allows IP address forgery on a vast scale, enabling attackers
to launch untraceable attacks with impunity.
Add in billions of connected devices engineered with scant attention to security, and you’ve
dealt another powerful card into the hand of cyber-criminals who can deploy ever more
paralyzing DDoS attacks amplified a thousand-fold by leveraging these devices’ vulnerabilities.
For those who aren’t familiar with the term, DDoS is when attackers send IP traffic from many
hundreds or thousands of compromised devices to consume the resources of vital IT
infrastructure such as network routers and web servers.
Those thousands of compromised devices are controlled by a so-called botnet.
Sadly, the world is full of poorly engineered networks in which botnets can thrive because those
networks don’t implement basic hygienic measures to check that computers sending traffic from
IP addresses have been assigned to them. In fact, up to 40 percent of the Internet today allows
botnets to function with no impediment.
Way back in 1992, I witnessed the birth of Denial of Service attacks when I helped launch
Netaxs, Philadelphia’s first-ever ISP.
We were surprised and concerned when some of our customers became the earliest targets of
crude DoS attacks. In those days, most of the attacks were precipitated by ordinary folks falling
out over some topic being discussed on an electronic bulletin board.
One party would change the IP address on his Sun server, and start sending a flood of TCP
SYN messages (the first message in a TCP/IP conversation) to their target’s web server. The
web server would try to start up many concurrent web sessions and eventually run out of
memory and crash.
Over time, two things changed. The first is that attackers became more sophisticated by
unleashing distributed attacks from large groups of Internet-connected computers that had been
hacked and controlled centrally as part of a botnet.
4 Cyber Warnings E-Magazine – June 2016 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
