Following the news that one million IoT devices were infected by malware driven DDoS bonet, Sean Newman, Director at Corero Network Security commented below.

Sean Newman, Director at Corero Network Security:

Sean Newman“This is yet another example of how the collective power of vulnerable devices openly connected to the internet can be harnessed for nefarious activities.  The rise of IoT, and the devices associated with it, is making it easy for today’s educated attackers.

“IoT devices often have just enough processing power to deliver their required functionality, with security an after-thought at best and often not present at all.  Combine this with the fact that access control passwords which do exist are often left at their factory defaults, or users choose alternatives which are easy to crack using brute force techniques, then this problem is not going away any time soon.

“Attackers typically take the path of least resistance to achieve their results and IoT is gifting them a new weapon in their armory.

“The good news, from the perspective of DDoS defense, is that defending a volumetric attack from thousands of sources sending a small amount of traffic, versus a small number of sources sending larger volumes, can be defended against using much of the same techniques.”

Information Security Buzz