Last year, I wrote a piece about how the Internet of Things could pave the way for some of the biggest botnets in history. I take no pleasure in the fact that recent events have proven me right. From the recent attack targeting Krebs On Security (which caused him to be dropped by Akamai) to the 1 terabyte per second flood hurled at hosting provider OVH in September, things are getting worse – much worse.
And yet efforts to hold manufacturers accountable, to demand that IoT companies start injecting more security into their products, still lag behind. To make matters worse, one of the recent attacks – the one targeting Dyn, that brought much of the Internet to its knees in October – was the work of amateurs. Kids with a big gun, basically.
Imagine what sort of damage could be done if a botnet’s operator is motivated by more than the desire to cause a stir. Imagine if a black hat hacker or a terrorist organization got their hands on one of these massive, digital weapons. They could wreak widespread havoc.
It should go without saying that you need to be prepared for the kind of damage these botnets can do, and ready to mitigate the massive traffic they throw at you. Unfortunately, at this juncture, there’s little else you can do but prepare. That said, I’d like to offer up some tips:
- Consider why you might be targeted. DDOS attacks occur for a wide array of reasons. Maybe the attackers are looking to make a political statement because they disagree with something your business did. Maybe they’re looking to extort you for money, or plan to use a DDOS to mask a more intricate attack. Or maybe they just want to cause grief for your clients.
- Establish a clear crisis response plan. Make sure you know exactly what to do in the event of a DDOS – which clients you need to contact and how you’ll contact them, what you’ll do during the attack, and how you’ll follow up afterwards.
- Use a DDOS mitigation tool. Root Level Tech maintains a particularly powerful one with our hosting platform. Ideally, your goal is to reduce your attack surface across UDP, TCP (including SYN floods), and ICMP, which are some of the most common avenues through which DDOS attacks occur.
The Internet of Things promises to change a great deal about the world. Unfortunately, in the short term, not all those changes are good. Until we ensure better security on Internet-connected devices, the threat surface for DDOS attacks will remain larger than it has ever been.