IoT and DDoS attacks: A match made in heaven

19 Mar 2019

Article by A10 Networks Regional VP Sales Adrian Taylor

By 2020, Gartner predicts the total number of IoT devices will reach 20.4 billion. At the same time, DDoS attacks are on the rise, with Cisco estimating that the number of DDoS attacks exceeding 1 gigabit of traffic per second will soar to 3.1 million by 2021.

While correlation does not equal causation, in this case I believe that the two are connected. There is indeed evidence to show that IoT devices are a common thread in large-scale DDoS attacks and that the two reports above are not just a coincidence.

Earlier this year, A10 launched its own Q4 2018 State of DDoS Weapons report which shed additional light onto the connection between IoT devices and devastating DDoS attacks. The findings have exposed the role that IoT plays as one of the biggest cybersecurity threats of our time.

An overview of DDoS attacks and IoT

It comes as no surprise that IoT is continuing to grow at breakneck speed: A 2018 report from Bain found that the combined markets of IoT will reach $520 billion in 2021, more than double the amount spent in 2017.

According to the State of DDoS Weapons report, that translates to a growth rate of 127 connected devices per second, a number that will undoubtedly grow over the coming years. 

Unfortunately, this IoT explosion also provides attackers with a perfect opportunity to hack into vulnerable connected devices, especially for the purpose of building botnets (networks of malware-infected connected devices that can be used to send an overwhelming number of requests to the target’s server). 

As Eurecom discovered, hackers have already developed brand new strains of malware designed to target IoT devices specifically. Knowing this, it’s clear that the age of IoT-based DDoS attacks isn’t just on the horizon — it’s already here. 

Some of the top IoT malware being dropped has already reached global levels of infamy. Take, for example, the Mirai malware, which brought major websites like Reddit and GitHub to their knees.

In the Q4 2018 State of DDoS Weapons report, A10 found that five of the top IoT malware dropped belong to the Mirai family, with the sixth belonging to the Gafgyt/Bashlite family. 

The majority of those malicious IoT items are hosted in the U.S., Italy, the U.K., Germany and the Netherlands. In terms of ASNs, the majority of IoT malware is hosted by Frantech, DigitalOcean, Aruba, Forthnet and HOSTiO.

IoT DDoS attacks and 5G

The increasing size of DDoS attacks today is bad enough, but things are about to get worse with the widespread adoption of 5G.

That’s because the implementation of 5G will usher in an age of unprecedented data speeds and significantly lower latency, meaning that DDoS attacks will have to be mitigated in a matter of seconds, not minutes.

With Ericsson estimating that the number of IoT devices with a cellular connection will reach 4.1 billion by 2024, it’s plain to see why vulnerable 5G-connected IoT devices will pose a serious threat to organisations around the globe.

If left unchecked, the scale of 5G-connected IoT DDoS attacks is likely to make even the biggest attacks of today pale in comparison.

To combat the next generation of 5G DDoS attacks, it’s imperative that organisations implement advanced DDoS threat intelligence that combines real-time threat detection and automated signature extraction. Only then can organisations effectively defend themselves against the colossal, hyper-fast DDoS attacks of the future.

As current reports show, it is with advances in the 5G and IoT market that we will begin to see a rise in major DDoS attacks.

It is a double-edged sword: the risks of using IoT are high, but the benefits are also many. If organisations can prepare themselves now for this future, then security teams can be ready to face the next large-scale DDoS threat before it arrives.

If the warnings from these reports are instead ignored or left until the last moment, then DDoS attacks will be allowed to find the perfect partner in IoT.
