Blog Date: 10/21/2016
Author: Ray Coulombe

DDoS attacks have existed and accelerated dramatically since 1999: A network of computers bombards a website with millions of messages to the point that the system can’t handle the traffic and shuts down. Until now, these attacks focused on hijacking computers with malicious software and recruiting them into “botnets” to send messages.

But now, thanks to the IoT, there is an expanded focus - compromising all manner of devices, including surveillance cameras, where attackers want to compromise the availably of some resource(s), be it a website, a machine, or a capability.

So, how can we minimize the risk of a botnet hijacking? Here’s a few ways to limit the risk of participating in a DDoS attack:

1. Develop and enforce a protocol for any network-connected device that touches your organization to ensure that it gets a secure name and password, is set up for secure WiFi (WPA2), and receives available updates.
2. Set your routers and firewalls to reject any unauthorized attempt by network devices to communicate outside of your internal network. Print servers, for example, probably don't need to have regular access to the Internet.
3. Make sure your intrusion protection system is set to scan for unauthorized devices and check to see if your firewall is set to trigger alerts when devices attempt to reach the internet.
4. Confirm that any new devices in your organization support your security requirements from trusted vendors, including the ability to support secure WiFi.
5. Where possible, try to use wired networking rather than wireless. It’s not foolproof – just a little better.
6. Make cyber hygiene a priority throughout your organization, not just the security staff. This includes ongoing training about opening any email link or file; deploying new devices that touch the network; and, being aware of the various faces social engineering can take.

Just a few simple steps can help protect your entire business from a major shut down and hacking operation. The IoT is a great step forward in technology, the security is lagging far behind!

Hear from a panel of experts this year at the 2016 Securing New Ground event on October 19-20 in New York.

IoT: Embracing Opportunity and Managing Risk
October 19 from 9:10-9:55am
Once defined and restricted by proprietary technology, the security industry has turned the corner and become part of the movement embracing open connectivity and IoT. We embrace the flexibility and simplicity of connecting devices and sensors to our systems, but acceptance has created new vulnerabilities and risk. Hear what industry experts say about how IoT is redefining everything from the consumer and residential markets to the future of enterprise level security.
Learn more

Back to Blog List