Preventing IoT cyberattacks starts at the network
It’s official: the DDoS attack on Dyn in October was not just huge but a record breaker, earning the unenviable badge of world’s largest Distributed Denial of Service hack. Scott Hilton, Executive Vice President of Products at Dyn, placed the number of infected IoT devices at the source of the attack at 100,000, with peaks of over 1Tbps of traffic. Since then, another major DDoS incident has taken place, bringing down the internet infrastructure of an entire country. The attack on two companies in Liberia on November 3rd is estimated to have involved around 500Gbps of traffic, a relatively small figure compared with the Dyn hack. The incident overwhelmed the African nation’s single internet cable, and illustrated the potential damage which could be wrought on geographies and networks of a similar size.
These attacks likely mark the beginning of similar incidents in the future, as more smart devices are connected to the virtual ecosystem. The very devices which are supposed to make consumers’ lives easier and which show off advancements in IoT tech are being turned into weapons of cyber warfare, causing huge damage to network infrastructure.
Limited access to the likes of Twitter, Facebook and Amazon following the attack on Dyn last month was a pain for internet users, but this was just the tip of the iceberg. The attack came at a huge cost to the company at the centre, and DDoS attacks in the future will cause similar damage, both financially and in terms of brand reputation. And, as and the number and adoption of IoT devices increases – from kitchen gadgets like coffee makers, to smart energy meters – the number of IoT hacks will also rise.
To serve consumer demand, many IoT devices were created with affordability rather than security as a priority. Most major hacks require sophisticated network breaches, though in contrast, many IoT devices are easy to hijack as they are unprotected and often still have an unchanged default password. The number of IoT devices in use by 2020 will surpass 20 billion, according to research by Gartner, so manufacturers and designers of these devices must work together to ensure they are better secured, in order to minimise the number of attacks going forward.
Yet the effort of device manufacturers and designers does not solve the current problem of the millions of unsecured and seemingly innocuous devices in use right now. Rather than looking at the problem at the device level, we can address it at the network level: operators need to be prepared and adopt a strategy to protect and harden their infrastructure against the threat of IoT hacks.
Stress test with TeraVM
Operators are already able to use solutions like TeraVM to stress test their network functions, applications, and security performance, delivering coverage for application services, wired and wireless networks. They can stress test their networks against the wide range of global malware viruses that could strike their networks, at any time and location.
The threat of IoT attacks is a global one: what happened to Dyn on US East Coast could just as easily happen to any operator on any continent, at any time. As such, operators should consider looking at ways to move and share their testing resources internally, maximising the chances of identifying any potential viruses that lies across their entire business. TeraVM is a virtualised solution enabling the flexibility to run anywhere, from a physical lab or datacentre to the cloud, a feature which supports this cost-effective sharing of resources.
Finally, even if cybersecurity defences are in place, a network still needs to allow uninterrupted connectivity to and from IoT devices. The security overhead involved in dealing with an attack can negatively impact overall performance of the underlying network, so understanding performance limitations under high traffic load in the presence of an attack is vital to a defence strategy.
The number of connected devices has risen dramatically in recent years and will continue to do so, and while there is much that can be done at the device level to minimise the number of IoT hacks in the future, operators must also prepare for the inevitable. Implementing a compressive security strategy, which continually delivers real-world threat emulations, is a logical step for any operator to make sure its network is secure against the array of hacks it could fall victim to.
Click on the button below to find out more about our Validation solutions.