SECURITY
21
By Ingo Schneider, Director of
Business Development & Data
Network Infrastructure, Alcatel-
Lucent Enterprise
www. enterprise.alcatel-lucent.com
Getting to grips with DDoS attacks
and the Botnet army when it comes
to Internet of Things devices
Distributed Denial of Service (DDoS) attacks jumped into the
mainstream consciousness last year after several high profile
cases – one of the largest and most widely reported being
the Dyn takedown in October 2016. While not necessarily a
new threat, they have in fact been around since the late ‘90s
and the Dyn takedown is an interesting example as it used
poorly secured IoT devices to coordinate the attack.
When you consider that by 2020 it’s predicted there
will be 20 billion connected devices as part of the growing
Internet of Things, the need to implement the right netwo rk
procedures and tools to properly secure all these devices is
only going to grow.
The Internet of Things is the new battleground. With rent-
a-bots on the rise,
put simply, DDoS attacks occur when an attacker attempts
to make a network resource unavailable to legitimate users
by flooding the targeted network with superfluous traffic
until it simply overwhelms the servers and knocks the service
offline. Thousands of these attacks happen every year, and
are increasing both in number and scale. According to some
reports, 2016 saw a 138% year-on-year increase in the total
number of attacks greater than 100Gbps.
The Dyn attack used the Mirai botnet that exploits poorly
secured, IP-enabled ‘smart things’ to swell its ranks of
infected devices. It’s programmed to scan for IoT devices
that are still only protected by factory set defaults or
hardcoded usernames and passwords. Once infected, the
device becomes a member of a botnet of tens of thousands
of IoT devices, which can then bombard a selected target
with malicious traffic. This botnet and others are available
for hire online from enterprising cyber criminals, and as their
functionalities and capabilities are expanded and refined,
more and more connected devices will be at risk.
Reducing the risk
So what steps can businesses take to protect themselves
now and in the in the future? First: contain the threat. With
the rise of IoT at the heart of digital business transformation
and its power as an agent for leveraging some of the
most important technological advances – such as big
data, automation, machine learning and enterprise-wide
visibility – new ways of managing networks and their web of
connected devices are rushing to keep pace.
www.networkseuropemagazine.com