IoT Vulnerabilities: Some Thoughts on the Dyn DDoS Attack and Resulting Site Outages

Unless you’ve been on a desert island for the past few days you’ve heard by now of the massive Distributed Denial of Service attack that brought many of the Internet’s most heavily trafficked sites to their knees last Friday, October 21st. If you’re catching up, these articles from Tech Republic and Gizmodo provide good overviews of what we know about the attacks so far, and why DNS infrastructure is so vulnerable – and getting more vulnerable all the time.

Download our IoT Reference Architecture for a pragmatic guide to deploying IAM to manage and secure the IoT.

The main things to know is that the growing proliferation of cheap, connected Internet of Things devices – webcams, wifi speakers, wearables, the list goes on and on – is making it far easier for cybercriminals to launch massive DDoS attacks. Why? Because many of these devices are shipped with default usernames and passwords, which are never changed by the end user, and so are easily taken over. Earlier in October, the Mirai botnet malware was made public, and it evidently played a role in the Dyn hack. I’ll have more to say on IoT vulnerabilities in the future, but some initial thoughts on what we saw last week:

IoT vulnerabilities are real, and as botnet based attacks become more frequent individuals and manufacturers need to be aware of the basic attack vectors that exist. In a typical DDoS or botnet style attack, the victim is often not the owner and, in fact, they may not even be aware their device has been exploited by cyber criminals. Yet, as we saw last week, the consequences can be extensive. Manufacturers need to take the necessary steps to protect against these types of attacks which can also be devastating for their brand. 

Learn more about how identity can help you to secure the IoT.