Since September, several cyber-attacks have targeted a range of entities on the Internet (including DNS Internet service providers, numerous websites in Liberia and the personal page of an expert in online security).
They were all victims of distributed denial-of-service attacks (DDoS), where concentrated flows of traffic are sent every second from thousands of different addresses to flood victims’ networks. As these attacks are based on sheer size and force rather than specific vulnerable spots or software errors, they are difficult to overcome.
For an attack of this sort to be successful, a multitude of network-connected devices are used to send a constant flow of requests. To control such a large number of devices, access is needed, either legitimately or otherwise.
Specifically, these attacks use a group of devices on a network that are infected by malware and controlled by a single person (or group) to launch a DDoS attack. This has promoted greater awareness of security and the vital role it plays, as it was this very lack of security that left devices open to attack in the first place.
The malware responsible for these outages is Mirai. It primarily attacks Linux-based computer systems and turns them into remotely controlled bots for the attacker to use in any way they see fit. Mirai's greatest success has come from infecting IoT devices such as webcams, printers, video recorders and even routers. These devices are designed to be remotely accessed and often use unmodifiable default passwords, a security flaw that leaves them vulnerable to attack. Mirai used a well-known set of default usernames and passwords to try to access these devices through trial and error.
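The trial-and-error pattern described above is visible in login logs: one source fails against several different factory-default accounts in quick succession. The following detection sketch is an added example, not code from Teldat or from the original post; it assumes failed logins are recorded in OpenSSH-style lines with ISO-8601 timestamps, and the log lines, the account list and the function name find_credential_sweeps are constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log (RFC 5737 documentation addresses, not real traffic).
SAMPLE_LOG = """\
2016-10-21T11:10:01 cam01 sshd[311]: Failed password for root from 203.0.113.7 port 40022 ssh2
2016-10-21T11:10:03 cam01 sshd[312]: Failed password for invalid user admin from 203.0.113.7 port 40023 ssh2
2016-10-21T11:10:05 cam01 sshd[313]: Failed password for invalid user support from 203.0.113.7 port 40024 ssh2
2016-10-21T11:10:07 cam01 sshd[314]: Failed password for invalid user guest from 203.0.113.7 port 40025 ssh2
2016-10-21T11:12:00 cam01 sshd[320]: Failed password for root from 198.51.100.20 port 51000 ssh2
2016-10-21T11:12:09 cam01 sshd[321]: Failed password for root from 198.51.100.20 port 51001 ssh2
2016-10-21T11:12:15 cam01 sshd[322]: Accepted password for root from 198.51.100.20 port 51002 ssh2
2016-10-21T08:00:00 cam01 sshd[101]: Failed password for invalid user admin from 192.0.2.9 port 33000 ssh2
2016-10-21T09:30:00 cam01 sshd[150]: Failed password for root from 192.0.2.9 port 33001 ssh2
2016-10-21T13:15:00 cam01 sshd[400]: Failed password for invalid user guest from 192.0.2.9 port 33002 ssh2
"""

# Assumption: illustrative account names commonly left at factory defaults.
DEFAULT_USERS = {"root", "admin", "support", "guest", "user"}

FAILED = re.compile(r"^(?P<ts>\S+) \S+ sshd\[\d+\]: Failed password for "
                    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+")

def find_credential_sweeps(log_text, window=timedelta(seconds=60), min_users=3):
    """Map source IP -> default accounts tried, for sources that failed logins
    against at least min_users distinct default accounts within one window."""
    attempts = defaultdict(list)
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if m and m["user"] in DEFAULT_USERS:
            attempts[m["ip"]].append((datetime.fromisoformat(m["ts"]), m["user"]))
    flagged = {}
    for ip, events in attempts.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Shrink the window from the left until it spans at most `window`.
            while events[end][0] - events[start][0] > window:
                start += 1
            if len({u for _, u in events[start:end + 1]}) >= min_users:
                flagged[ip] = sorted({u for _, u in events})
                break
    return flagged

if __name__ == "__main__":
    for ip, users in find_credential_sweeps(SAMPLE_LOG).items():
        print(f"{ip}: possible default-credential sweep against {users}")
```

The 60-second window and three-account threshold are starting values to tune against a site's normal login noise; a single user mistyping one password, as 198.51.100.20 does in the sample, is not flagged.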
Once control is gained over a group of devices, DDoS attacks can be launched against any element connected to the Internet.
These events have highlighted a difficult problem to solve. Many IoT items are cheaply made and little or no attention is given to the security aspect. They do not receive customer support or updating services (and may not be able to update in the first place), so their default passwords remain in place indefinitely and, should new vulnerabilities come to light, they are impossible to fix.
At Teldat, our devices operate on a higher layer than IoT devices and one of our main goals is to provide the best security possible at all times by being fully aware of present and future events and innovations in Internet security.