The Internet of Trouble

Blog Date:  10/14/2016
Author:  Ray Coulombe
Category(s):  Cyber Security

You’ve probably heard of Brian Krebs, the journalist who exposes cyber criminals and groups linked to large-scale hacks at retailers, hotel chains and restaurants. Recently, his website was the source of a massive wave of bogus Internet traffic—some 600-700 gigabits per second—that overwhelmed the sites server and it’s content delivery network. Many cameras, broadband routers, and other Internet of Things (aka smart devices) played a part in the attack.

Prolexic, the company owned by Akamai that was protecting Krebs’ site, couldn’t justify supporting his website, krebsonsecurity.com, any longer with this amount of traffic and stopped hosting it. His website was temporarily shut down.

The size of this attack, known as a distributed denial of service (DDoS), isn’t rare. In fact, the cyber hacker responsible for Krebs’ shutdown has launched other large-scale attacks across the web causing other DDoS hits.

In an article, Akamai chief security officer Andy Ellis said that the company is still researching the denial of service attack on Krebs’ site, but he said that his was one of a small number of sites—most based in Europe—that were on the receiving end of the flood of traffic. The previous high for a denial of service attack measured by Akamai was 363 Gbps.

Internet of Things devices are playing a greater role in botnets, according to Akamai. Botnets are made up of tens of thousands of Internet of Things devices, including DVRs and connected IP cameras. These machines are super vulnerable to simple hacks in that both masters are easily able to build up vast networks of compromised systems to send those gigantic amounts of traffic to a specific target.

Just this summer, a botnet of 25,000 CCTV cameras was used to initiate significant attacks across the world. So what does this mean, really?

Action has to be taken at the ISP level and across all IoT device producers. ISPs around the world have to move in effort to shut down access from hacked machines and the device makers need to stop practicing bad habits, like leaving easily guessed default passwords on commercial products. Be sure to investigate the cyber hardening of any IoT-type device before using or recommending, although, right now, that information may be hard to come by.

Hear from a panel of experts this year at the 2016 Securing New Ground event on October 19-20 in New York.

IoT: Embracing Opportunity and Managing Risk
October 19 from 9:10-9:55am
Once defined and restricted by proprietary technology, the security industry has turned the corner and become part of the movement embracing open connectivity and IoT. We embrace the flexibility and simplicity of connecting devices and sensors to our systems, but acceptance has created new vulnerabilities and risk. Hear what industry experts say about how IoT is redefining everything from the consumer and residential markets to the future of enterprise level security.
Learn more

 

Resource Blogs

Most Recent Blogs Listed for Ray Coulombe.

image

Stay Safe! While Traveling This Summer

It’s summer vacation time! The last thing you need to worry about it is getting your identity stolen while you’re sitting on a beach somewhere exotic. In 2016, more than 15 million Americans were victims of identity theft, up 16 percent from the previous year, according to Experian. Plus, about 33 percent of that fraud took place when people were traveling. Here’s a few tips to staying safe all summer while traveling...
read more -->

image

Rethinking Cabling

Cat 5e became an ANSI/TIA/EIA standard in 2001, Cat 6 in 2002, and Cat 6a in 2008. However, it may be extremely useful to consider taking advantage of other existing cabling infrastructure in lieu of running new. Read more to learn how to approach cabling.
read more -->

image

Off the Beaten Path at ISC West

This year at ISC (the International Security Conference and Exposition), I was determined to try to see the latest iStechnologies hiding in the nooks and crannies—literally! I visited booths in the back, the basement, small kiosks hidden inside larger vendor books, and throughout the Emerging Technology Zone.

In case you missed the show, I’ll round up some of the best new technologies and companies to keep an eye on. Read more.
read more -->

image

Cyber Crime Taking Down Cities

Earlier this year, in March, the City of Atlanta’s nearly 8,000 employees heard words they never thought they would hear: “It’s okay to turn your computers on.” Their computers were powered off for five days. In those five days Atlanta residents could not pay traffic tickets, water bills, or report city issues. Read how ransomware impacted this metropolitan area.
read more -->

image

A Few Thoughts on K-12 School Security

There is no one size fits all when it comes to K-12 school security. Schools vary in so many ways: size, age, local environment, affluence, culture, governance, and more. Read some helpful tips and resources that might just help your school be better prepared.
read more -->