The IoT (Internet of Things) is the network of physical objects, devices, vehicles, buildings and other items that are embedded with electronics, software, sensors and network connectivity, which enables these objects to collect and exchange data. It is also the infrastructure of the information society. A botnet, on the other hand, can be defined as a number of internet-connected computers that communicate with similar machines and coordinate their actions through command and control or by passing messages to one another. Botnets are mainly used to send spam email or to participate in distributed denial-of-service attacks.
Mirai is malware that turns computers that run Linux into remotely controlled bots, which can be used as part of a botnet in large-scale network attacks. It mainly targets online consumer devices like cameras and home routers. The Mirai botnet has caused many problems; recently it disrupted internet services in Germany and infected almost 2,400 TalkTalk routers in the UK (US Cert Govt, 2016). It is also capable of infecting Sony cameras, as in the recent case where researchers published evidence of 80 models of Sony cameras vulnerable to Mirai takeover.
A Distributed Denial of Service (DDoS) attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. Such attacks are aimed at a wide variety of vital resources, from banks to news websites, and present a major challenge to making sure people can publish and access important information.
DDoS attacks target computers and internet-connected machines, usually ones with a reasonable level of protection. They also target the IoT, which opens up a variety of devices to potential attacks, for example printers, cameras, fridges, thermostats, sensors and routers, among others. Many different tools handle various parts of preventing these types of attacks. Some of them include firewalls (traditional and next generation), Intrusion Prevention Systems (traditional and next generation), and Web Application Firewalls (WAF). Because a DDoS is simple, it can be performed by anyone with sufficient technical skill and knowledge. This simplicity has now been extended through botnet rentals and Website Booster Services (Radware, 2014). This makes almost anyone who has a public internet connection a target for potential attacks. For companies that do business mainly on the internet, this is especially concerning. For example, in one survey, 40 percent of businesses said that DDoS attacks are a growing threat that they see on their networks.
A lot can be done to curb DDoS attacks. The first measure is overprovisioning, that is, buying excess bandwidth or redundant network devices to handle any spikes in demand (databreachtoday, 2016). Such an approach is not cost effective, especially because it requires the addition of redundant network interfaces and devices. Regardless of the initial effect, attackers merely need to increase the volume of the attack to defeat the extra capacity.
A defense should also accurately distinguish good traffic from bad traffic to preserve business continuity, not just detect the overall presence of an attack. It should also have the performance and architecture to be deployed upstream, so that it protects all points of vulnerability. Where possible, it should also maintain reliable and cost-efficient scalability.
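
The difference between detecting the overall presence of an attack and distinguishing good traffic from bad can be shown on a small constructed request log. This is an added example, not part of the original post; the addresses, the traffic pattern and both thresholds are assumed values chosen for illustration.

```python
from collections import Counter, defaultdict


def build_sample():
    """Constructed records (second, source IP) using RFC 5737 documentation addresses."""
    records = []
    for t in range(0, 10, 2):  # two ordinary clients, one request every 2 s
        records += [(t, "192.0.2.10"), (t, "192.0.2.11")]
    for t in range(4, 10):  # three flooding sources, 20 requests/s each
        for ip in ("198.51.100.1", "198.51.100.2", "198.51.100.3"):
            records += [(t, ip)] * 20
    return records


def attack_present(records, total_limit):
    """Aggregate view: does any one-second bucket exceed the total request limit?"""
    per_second = Counter(t for t, _ in records)
    return any(n > total_limit for n in per_second.values())


def classify_sources(records, per_source_limit):
    """Per-source view: split sources by their peak requests per second."""
    buckets = defaultdict(Counter)
    for t, ip in records:
        buckets[ip][t] += 1
    bad = {ip for ip, c in buckets.items() if max(c.values()) > per_source_limit}
    return set(buckets) - bad, bad


def filter_traffic(records, bad):
    """Drop requests from flagged sources and keep everything else."""
    return [r for r in records if r[1] not in bad]


if __name__ == "__main__":
    sample = build_sample()
    # The aggregate check only says that something is wrong.
    print("attack present:", attack_present(sample, total_limit=30))
    # The per-source check says which traffic to keep serving.
    good, bad = classify_sources(sample, per_source_limit=5)
    kept = filter_traffic(sample, bad)
    print("good sources:", sorted(good))
    print("bad sources:", sorted(bad))
    print("requests kept:", len(kept), "of", len(sample))
    print("still over limit:", attack_present(kept, total_limit=30))
```

A fixed per-source rate limit is only one simple criterion; a botnet that spreads its traffic over many slow sources would stay under it, which is why the thresholds here are labelled as assumptions.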
The internet can be made safer in a number of ways. The first is the use of specialized on-premise equipment. Here, the enterprise does all the work to stop the attack, but instead of relying on scripts or an existing firewall, it purchases and deploys dedicated DDoS mitigation appliances. The Internet Service Provider (ISP) can also be used. In this case, some enterprises use their ISP to provide DDoS mitigation (Techsafely, 2015). These ISPs have more bandwidth than an enterprise would, which can help with large volumetric attacks.
References
Retrieved from: http://www.databreachtoday.com/mirai-bonet-knocks-out-deutsche-telekom-routers-a-9565
Retrieved from: https://www.us-cert.gov/ncas/alerts/TA16-288A
Retrieved from: https://www.radware.com/solutions/security/