{"id":6210,"date":"2016-10-26T13:51:55","date_gmt":"2016-10-26T13:51:55","guid":{"rendered":"https:\/\/kasperskydaily.com\/b2b\/?p=6210"},"modified":"2022-04-26T16:47:40","modified_gmt":"2022-04-26T14:47:40","slug":"iot-ddos","status":"publish","type":"post","link":"https:\/\/www.kaspersky.co.za\/blog\/iot-ddos\/6210\/","title":{"rendered":"IoT: You become responsible for what you have\u00a0deployed"},"content":{"rendered":"<p>Last week saw a <a href=\"https:\/\/threatpost.com\/mirai-fueled-iot-botnet-behind-ddos-attacks-on-dns-providers\/121475\/?utm_medium=blg&amp;utm_source=kb_post_161025&amp;utm_campaign=ww_promo\" target=\"_blank\" rel=\"noopener nofollow\">massive DDoS attack<\/a> aimed at Dyn, a major DNS provider. The attack disrupted a great many network services of global importance including Twitter, Netflix, Spotify, Airbnb, Reddit, Etsy, and SoundCloud. But perhaps the most interesting thing about this attack was that it used the Internet of Things (IoT).<\/p>\n<p>The problem is twofold: Connected devices are currently inherently vulnerable, and their owners take a lax approach to cybersecurity.<\/p>\n<blockquote class=\"twitter-pullquote\"><p>#IoT: You become responsible for what you have deployed. #Mirai #DDoS<\/p><a href=\"https:\/\/twitter.com\/share?url=https%3A%2F%2Fkas.pr%2Fqr9T&amp;text=%23IoT%3A+You+become+responsible+for+what+you+have+deployed.+%23Mirai+%23DDoS\" class=\"btn btn-twhite\" data-lang=\"en\" data-count=\"0\" target=\"_blank\" rel=\"noopener nofollow\">Tweet<\/a><\/blockquote>\n<p>To sum up the attack: <a href=\"https:\/\/threatpost.ru\/mirai-bots-more-than-double-since-source-code-release\/18764\/\" target=\"_blank\" rel=\"noopener nofollow\">Mirai<\/a> malware infected the firmware of IoT devices, made the devices into a botnet, and used the botnet in a distributed-denial-of-service (DDoS) attack that took down Dyn. The malicious technique was not sophisticated at all; the criminals exploited default passwords and logins, which are hardly top secret. In other words, this method works on devices that use common defaults that cannot be changed manually and those whose owners never bothered to reconfigure default settings.<\/p>\n<p>The former problem is the fault of manufacturers. The latter rests with owners.<\/p>\n<p>Mirai surely co-opted the IoT devices of home and corporate users alike. Although we can\u2019t necessarily influence the former, we will say that corporate IoT users really must secure their devices. Ensuring IoT security is a big-picture move: If we all change the default passwords of IoT devices, attackers will find their botnets greatly diminished. File that under basic social responsibility.<\/p>\n<p>Don\u2019t call it hindsight, though: After Mirai\u2019s infection of IoT devices, we <em>will<\/em> see spyware authors taking advantage of the same method.<\/p>\n<p>Our recommendations:<\/p>\n<ul>\n<li>Audit IoT devices within your infrastructure;<\/li>\n<li>Change any default settings you find (especially common in medium and small companies using consumer-level routers);<\/li>\n<li>Enable secure passwords everywhere.<\/li>\n<\/ul>\n<p>Security is everyone\u2019s business, so do your part to help keep the world safe.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Who is responsible when connected devices go on a crime spree?<\/p>\n","protected":false},"author":2706,"featured_media":15307,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1999,3021],"tags":[1058,658,794,2473],"class_list":{"0":"post-6210","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-smb","9":"tag-ddos","10":"tag-internet-of-things","11":"tag-iot","12":"tag-mirai"},"hreflang":[{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/iot-ddos\/6210\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/iot-ddos\/6210\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/iot-ddos\/7030\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/iot-ddos\/6210\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.co.za\/blog\/tag\/ddos\/","name":"ddos"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/6210","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/users\/2706"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/comments?post=6210"}],"version-history":[{"count":2,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/6210\/revisions"}],"predecessor-version":[{"id":24234,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/6210\/revisions\/24234"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/media\/15307"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/media?parent=6210"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/categories?post=6210"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/tags?post=6210"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}