US Has A Strategy To Defend Against Another Massive IoT Attack

The US Department of Homeland Security is working with law enforcement and private companies to find ways to prevent another distributed denial of service attack like the one that occurred on October 22nd.

The basic pattern of a DDoS attack is nothing new: an attacker uses malware to recruit internet-connected computers into a globe-girdling robot army, which upon command overwhelms its target with unwanted requests. What’s changing is the tremendous growth in the Internet of Things, or IoT: the devices, from PCs to home routers to smart refrigerators, that we attach to the net. Far too many of these are installed with widely known factory-default passwords or other vulnerabilities, making them easy recruits for bot armies.

“The volume of DDoS attacks has more than doubled over the last 18 months. It’s now approaching 650 gigabytes a second. That’s only possible because they’ve been recruiting IOT devices,” said one government official with direct knowledge of the attack. “We need to have a deliberative conversation about baking in security as much as possible into Internet of Things devices.”

US officials believe the cyberattack that interrupted Twitter, Netflix and other websites has been mitigated, Homeland Security Department Secretary Jeh Johnson said in a statement recently. DHS held an information sharing conference call with 18 major communication services providers the day the distributed denial of service, or DDoS, attack occurred, said Johnson.

DDoS attacks involve hacking into unsecured computers and other internet-connected devices, then using those devices to flood a site with more requests and commands than it can handle. The recent attack targeted Dyn, a company that provides web optimisation services to numerous major Internet companies.

Johnson confirmed security researchers’ reports that the attack used a type of malware called Mirai, which targets connected devices such as webcams and entertainment systems, and was earlier used to attack the website of cybersecurity reporter Brian Krebs and a French internet service provider.

The DHS cyber operations hub, the National Cybersecurity Communications and Integration Center, is working with law enforcement and private companies on ways to combat the malware, Johnson said.

DHS is also working on a set of strategic principles for securing connected devices, known as the Internet of Things, which will be released in coming weeks, he said.

The Internet of Things has grown exponentially in recent years but the security of those devices has lagged, Joshua Corman, director of the Atlantic Council’s Cyber Statecraft Initiative, told reporters in a conference call today. Many connected devices carry known software vulnerabilities that can be exploited by hackers, but consumers either don’t know how to patch those vulnerabilities or, in some cases, aren’t able to, he said.

On an individual level, those vulnerabilities—a connected refrigerator sending out spam emails, for example—are not particularly dangerous, he said. When those vulnerabilities are taken in aggregate, however, they can do great damage as the Dyn attack showed.

“There’s a strong instinct to focus on safety critical [systems] where bits and bytes meet flesh and blood,” Corman said. “The cognitive dissonance from this particular set of attacks is you can’t neglect lower-priority devices.”

DefenseOne
