The Institute for Critical Infrastructure Technology, a think tank from Washington DC, is urging ISPs and device manufacturers to design security into their devices and systems, especially in light of recent Mirai DDoS attacks that injected over 1.1 Tbps of traffic into different institutions around the world and shut down Dyn’s DNS.
Akamai Technologies, the cloud computing service responsible for keeping the website KrebsOnSecurity online, announced that its “Q3 report highlights a 138 percent YoY increase in total DDoS attacks greater than 100 Gbps with two record DDoS attacks caused by the Mirai Botnet; Web application attacks decreased by 18 percent YoY; 20 percent of all web application attacks in Q3 originated from the United States.”
Script kiddies and experienced hacker groups are finding it easy to exploit connected devices as a result of the many vulnerabilities and open ports that can be easily researched on Shodan, a search engine for IoT devices. Not to mention that the author of the code for Mirai released it online shortly after the KrebsOnSecurity attack — code that can now be adapted for new targets and layered attack methods.
“The Mirai malware offers malicious cyber actors an asymmetric quantum leap in capability; not because of sophistication or any innovative DDoS code, rather it offers a powerful development platform that can be optimized and customized according to the desired outcome of a layered attack by an unsophisticated adversary,” the researchers explain in their report.
Manufacturers are not the only ones responsible for the lax security in IoT devices, as their negligence has also fueled user ignorance in terms of cybersecurity risks and best practices, researchers say. Regarding US security, regulation of IoT devices at the national level and economic incentives could form a suitable approach, yet it might not reduce IoT DDoS attacks as the traffic does not come from the US.
Gartner predicts that, by 2020, we will be dealing with some 50 billion IoT devices. What manufacturers don’t see is the larger picture of the dangers of a Mirai attack if launched against a nation state because the risks will probably not be fixed in the next four years.