It’s something we’ve known was coming for a very, very long time. In October, the Internet was brought down by one of the largest DDOS attacks in history. The cause?
A fleet of hacked IoT devices, including web-connected cameras and DVRs. Developed and manufactured by companies which traditionally lack IT expertise, these feature-rich devices rarely have proper security preinstalled. As a result, they’re rife with vulnerabilities – many connected devices in the enterprise don’t even have a proper firewall.
“In a new study, security firm ForeScout has shown that it takes fewer than three minutes to hack many common Enterprise IoT devices,” writes Ken Briodagh of IoT Evolution World. “This in-depth analysis shows the dangers posed by enterprise IoT devices, and seems to reveal that most can act as points of entry into critical enterprise networks…bad actors are now easily able to use insecure devices to gain access to secure networks, and ultimately other enterprise systems chock full of tasty bank account information, personnel files and proprietary business information.”
In other words, it’s going to get worse before it gets better – a whole lot worse. While there have been some efforts to establish security standards for embedded devices, we’ve still a long time before those gain a foothold. In the meantime, all we can do is wait and guard ourselves against the inevitable – because currently, there are no meaningful penalties for failing to properly secure an IoT device.
“Security on IoT devices is not evolved and is not a top agenda item for developers,” explains Carl Weinschenk of IT Business Edge. “IoT developers also have to keep things as inexpensive as possible, and security may be one area in which they look to cut costs. This is a real danger: Many of the functions that the IoT devices will provide – such as monitoring heart patients and keeping tabs on the security of power plants – make it dangerous for them to be offline for extended periods of time.”
Grim news, isn’t it?
The worst thing about all this is that unless you’re a large enterprise with either an extensive, there’s a good chance you don’t have the resources to defend against this sort of thing. You need load balancers. You need dedicated appliances that protect against bogus traffic, and a monitoring solution to detect it.
In short, you need to dedicate a significant volume of time, resources, and budget towards DDOS attacks, or you’ll be let high and dry when one hits you.
Don’t worry. Here’s where Liberty Center One comes in – our dynamic load balancing systems not only help you weather periods of especially high usage/traffic, but also works to protect you from the bulk of even the nastiest DDOS attack.
Follow Liberty Center One: