INTELLIGENT BRANDS // Enterprise Security
DDoS mitigation is the best practice in an IoT world
The Internet of Things (IoT) is a conversation that has
been gathering momentum in the public space for
roughly the past five years, even though the concept
has been around for a few decades. And yet, in this brand new
world of science fiction coming to life, threats also lurk.
So says Arbor Networks’ Territory Manager for sub-Saharan
Africa, Bryan Hamman. He says, “Obviously, people are excited
when they think about the possibilities brought about by a
world in which objects can be sensed or controlled remotely
across existing network infrastructures. These connected
home devices create opportunities for even more integration
of the physical world into computer-based systems, and the
intention is that they will allow for improved efficiencies and a
reduced need for human intervention.”
Hamman notes that whilst IoT brings the promise of efficiency
and innovation to both homes and businesses, it also
significantly expands the threat surface, allowing malware to
turn IoT devices into part of a botnet army – a network
of private computers infected with malicious software and
controlled as a group without the owners’ knowledge.
He says, “A botnet army grows by continuing to spread its
malware to new devices. When a botnet army reaches a
certain size, it becomes a revenue-generating platform for
its creators by launching distributed denial of service (DDoS)
attacks on networks. The attacks will be turned off and the
network allowed to function normally again, in return for a
ransom paid in bitcoin payments.”
IoT devices are vulnerable to DDoS botnets for a number
of reasons. For example, attackers are able to exploit a
manufacturer’s reuse of default passwords across device
classes. In addition, most IoT devices have access to the
Internet without any bandwidth limitations or filtering, while
the pared-down operating systems and processing together
leave less room for security features – which is why most
security compromises go unnoticed.
Bryan Hamman, Territory Manager for sub-Saharan Africa,
Arbor Networks
Arbor advises enterprises, Internet service providers and
managed security service providers to defend against DDoS
attacks by implementing best current practices for DDoS
defence, as follows:
• Reducing the network’s surface of vulnerability.
• Ensuring complete visibility over all network traffic to detect
DDoS attacks.
• Ensuring sufficient DDoS mitigation capacity and
capabilities, both on-premise and in the cloud.
• Having a DDoS defence response plan, which is kept
updated and rehearsed on a regular basis.
• ISP and MSSP network operators should actively participate
in the global operational community.
• ISP and MSSP network operators should also take into
account the baseline load of their normal Internet traffic
to determine which DDoS defence mechanisms and
methodologies to use if under attack.
Hamman concludes, “Today, broadband Internet is more
widely available and more devices are being created with Wi-Fi
capabilities and sensors built into them, while smartphones,
at least in First World countries, are becoming the norm rather
than the exception. This all means that the IoT phenomenon
is simply gathering pace, day by day and hour by hour. It is
more important than ever to remember that your connected
devices are now a part of your network and as such, need the
same security considerations to be applied.”
www.intelligentcio.com