The internet of things (IoT) is hotter than ever and a constant topic in technology circles, meaning recent cybersecurity problems and their effect on critical internet services have thrown IoT into a serious spotlight. These breaches and outages have many businesses wondering how to protect their infrastructure in the face of such a serious threat.
The biggest attack in history occurred on October 21, 2016, when a malware-based attack against DYN, a provider of DNS services caused serious outages across the web. The malware-compromised set of IoT devices took down critical DYN DNS services and the effects were felt for hours. Vulnerabilities and attacks like these threaten infrastructure, the integrity of data, trust in various institutions, and in some cases, revenue.
Big Threat, DDoS Troubles
The threat only increases as the number of IoT devices rises. Evidence is easily found in a simple web-based discovery on the ShoDan devices search website. Thousands upon thousands of unsecured devices turn up all over the world. The numbers are so overwhelming that a recent report released during the annual RSA security convention showed how in the 10 largest US cities, 178 million IoT devices are openly visible and potentially vulnerable to attackers.
Fixing this issue will be tough and the threat is here to stay. Remote code execution bugs, weak passwords, minimal security and other weaknesses are pervasive in IoT devices. It is far too simple to produce IoT products that adhere to any standards, and there are virtually no consequences for deploying products that have poor security measures built in.
The scale and distribution of the threat vectors mean that attacks can come from anywhere (and everywhere), originating from thousands of endpoints simultaneously. An orchestrated attack results in a distributed denial of service (DDoS) event.
Business Response to IoT Threat
Thankfully, studies are highlighting the issues and the industry is moving toward better solutions and processes to shore up these flood gates. The best protection against these threats comes down to a few basic factors:
- Practices and procedures
Shoring up across these points is a process that takes leadership, investment, resources and time. Most importantly, you need experts and you need to have a robust platform to withstand the threat of DDoS attacks. Experts are in extreme demand, and building such a platform is a major investment (to say the least).
The Hostway Solution
When you may not have the in-house expertise to protect against these attacks, a rock solid hosting provider can help protect business continuity. An experienced lineup of security experts are behind the security provided at Hostway. Around the clock monitoring, the latest mitigation tools and a robust infrastructure are some of the facets in our arsenal to deal with DDoS threats, including those that begin with IoT devices.
Features including flexible resources, rapid and consistent deployment, reporting, as well as preventative and responsive actions are the major touches that have made Hostway a leading security provider. Expert advice and a consultative approach are also available for customers that request advanced or complex services.
Even if you’re not in the cloud or running on another cloud service, if the threat of IoT and DDoS attacks are a major concern in your environment, we suggest initiating a talk with a security consultant now to discuss how Hostway can make your environment more secure.