US Has A Strategy To Defend Against Another Massive IoT Attack

The US Department of Homeland Security is working with law enforcement and private companies to find ways to prevent another distributed denial of service attack like the one that occurred on October 22nd.

The basic pattern of a DDoS attack is nothing new: an attacker uses malware to recruit internet-connected computers into a globe-girdling robot army, which upon command overwhelms its target with unwanted requests. What’s changing is the tremendous growth in the Internet of Things, or IOT: the devices, from PCs to home routers to smart refrigerators, that we attach to the net. Far too many of these are installed with widely known factory-default passwords or other vulnerabilities, making them easy recruits for bot armies.

“The volume of DDoS attacks has more than doubled over the last 18 months. It’s now approaching 650 gigabytes a second. That’s only possible because they’ve been recruiting IOT devices,” said one government official with direct knowledge of the attack. “We need to have a deliberative conversation about baking in security as much as possible into Internet of Things devices.”

US officials believe the cyberattack that interrupted Twitter, Netflix and other websites has been mitigated, Homeland Security Department Secretary Jeh Johnson said in a statement recently. DHS held an information sharing conference call with 18 major communication services providers the day the distributed denial of service, or DDoS, attack occurred, said Johnson.

DDoS attacks involve hacking into unsecured computers and other internet-connected devices, then using those devices to flood a site with more requests and commands than it can handle. The recent attack targeted Dyn, a company that provides web optimisation services to numerous major Internet companies.

Johnson confirmed security researchers’ reports that the attack used a type of malware called Mirai, which targets connected devices such as webcams and entertainment systems, and was earlier used to attack the website of cybersecurity reporter Brian Krebs and a French internet service provider.

The DHS cyber operations hub, the National Cybersecurity Communications and Integration Center, is working with law enforcement and private companies on ways to combat the malware, Johnson said.

DHS is also working on a set of strategic principles for securing connected devices, known as the Internet of Things, which will be released in coming weeks, he said.

The Internet of Things has grown exponentially in recent years but the security of those devices has lagged, Joshua Corman, director of the Atlantic Council’s Cyber Statecraft Initiative, told reporters in a conference call today. Many connected devices carry known software vulnerabilities that can be exploited by hackers, but consumers either don’t know how to patch those vulnerabilities or, in some cases, aren’t able to, he said.

On an individual level, those vulnerabilities—a connected refrigerator sending out spam emails, for example—are not particularly dangerous, he said. When those vulnerabilities are taken in aggregate, however, they can do great damage as the Dyn attack showed.

“There’s a strong instinct to focus on safety critical [systems] where bits and bytes meet flesh and blood,” Corman said. “The cognitive dissonance from this particular set of attacks is you can’t neglect lower-priority devices.”

DefenseOne: Hackers 'weaponised' Malware To Mount Massive Assault

 

 
