US Has A Strategy To Defend Against Another Massive IoT Attack

Uploaded on 2016-11-01 in GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW, INTELLIGENCE--USA, TECHNOLOGY--Hackers

The US Department of Homeland Security is working with law enforcement and private companies to find ways to prevent another distributed denial of service attack like the one that occurred on October 22nd.

The basic pattern of a DDoS attack is nothing new: an attacker uses malware to recruit internet-connected computers into a globe-girdling robot army, which upon command overwhelm their target with unwanted requests. What’s changing is the tremendous growth in the Internet of Things, or IOT, the devices, from PCs to home routers to smart refrigerators, that we attach to the net. Far too many of these are installed with widely known factory-default passwords or other vulnerabilities, making them easy recruits for bot armies.

“The volume of DDoS attacks has more than doubled over the last 18 months. It’s now approaching 650 gigabytes a second. That’s only possible because they’ve been recruiting IOT devices,” said one government official with direct knowledge of the attack. “We need to have a deliberative conversation about baking in security as much as possible into Internet of Things devices.”

US officials believe the cyberattack that interrupted Twitter, Netflix and other websites has been mitigated, Homeland Security Department Secretary Jeh Johnson said in a statement recently. DHS held an information sharing conference call with 18 major communication services providers the day the distributed denial of service, or DDoS, attack occurred, said Johnson.

DDoS attacks involve hacking into unsecured computers and other internet-connected devices, then using those devices to flood a site with more requests and commands than it can handle. The recent attack targeted Dyn, a company that provides web optimisation services to numerous major Internet companies.

Johnson confirmed security researchers’ reports the attack used a type of malware called Mirai, which targets connected devices such as webcams and entertainment systems, and was earlier used to attack the website of cybersecurity reporter Brian Krebs and a French internet service provider.  

The DHS cyber operations hub, the National Cybersecurity Communications and Integration Center, is working with law enforcement and private companies on ways to combat the malware, Johnson said.

DHS is also working on a set of strategic principles for securing connected devices, known as the Internet of Things, which will be released in coming weeks, he said.

The Internet of Things has grown exponentially in recent years but the security of those devices has lagged, Joshua Corman, director of the Atlantic Council’s Cyber Statecraft Initiative, told reporters in a conference call today. Many connected devices carry known software vulnerabilities that can be exploited by hackers, but consumers either don’t know how to patch those vulnerabilities or, in some cases, aren’t able to, he said.

On an individual level, those vulnerabilities—a connected refrigerator sending out spam emails, for example—are not particularly dangerous, he said. When those vulnerabilities are taken in aggregate, however, they can do great damage as the Dyn attack showed.

“There’s a strong instinct to focus on safety critical [systems] where bits and bytes meet flesh and blood,” Corman said. “The cognitive dissonance from this particular set of attacks is you can’t neglect lower-priority devices.”

DefenseOne:     DefenseOne:     Hackers 'weaponised' Malware To Mount  Massive Assault:

 

 

« ISIS Social Media Ops Are Declining
Where The Money Is: Bank Robbers Blow Up 492 ATMs »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

RIVA Solutions

RIVA Solutions

RIVA provides innovative best practices in IT and management consulting, program support services and emerging technologies.

Virtustream

Virtustream

The Virtustream Enterprise Class Cloud provides a secure, highly available, Infrastructure as a Service (IaaS) to enterprises and government customers.

We Watch Your Website

We Watch Your Website

We Watch Your Website provide website monitoring, protection, malware removal and root cause analysis services to help you keep your website secure.

ADF Solutions

ADF Solutions

ADF Solutions is a leading provider of digital forensic and media storage exploitation tools.

Sogeti

Sogeti

Sogeti deliver solutions that enable digital transformation and offer cutting-edge expertise in Cloud, Cybersecurity, Digital Manufacturing, Quality Assurance, Testing, and emerging technologies.

GreyCastle Security

GreyCastle Security

GreyCastle Security is a leading cybersecurity services provider dedicated exclusively to cybersecurity and the practical management of cybersecurity risks.

IDnow

IDnow

IDnow is the world’s fastest, most flexible and most secure identity verification platform, delivering instant verification of the identity documents used by 7 billion people.

CM Blockchain Security Center

CM Blockchain Security Center

We are dedicated to building a healthier blockchain ecosystem, providing solutions to security technology, and helping those who practice in the area of blockchain to get insight into industry trends.

Document Security Systems (DSS)

Document Security Systems (DSS)

DSS anti-counterfeit, authentication, and brand protection solutions are deployed to prevent attacks which threaten products, digital presence, financial instruments, and identification.

usecure

usecure

usecure is a global provider of computer-based cyber security awareness training, offering the market’s most time-efficient, cost-effective and admin-lite solution for reducing insider threats.

Cyber Lockout

Cyber Lockout

Comprehensive ransomware insurance and preventative cybersecurity technology solution, working together to help protect businesses 24/7/365.

Maltego Technologies

Maltego Technologies

Maltego is a comprehensive tool for graphical link analyses that offers real-time data mining and information gathering. Applications include cybersecurity threat intelligence and incident response.

Entitle

Entitle

Entitle's SaaS-based platform automates how permissions are managed, enabling organizations to eliminate bottlenecks and implement robust cloud least privilege access.

GIS Consulting (GISPL)

GIS Consulting (GISPL)

From General Data Protection Regulations to advanced Network Infrastructure Audits, GIS Consulting has established a reputation as one the leading cyber security companies in the industry.

Night Lion Security

Night Lion Security

Night Lion Security provides discreet and bespoke investigation and incident response recovery services.

BestDefense

BestDefense

BestDefense offers proactive cybersecurity solutions that adapt in real-time to outpace evolving threats and ensure resilient protection for your critical assets.