TO A layman, the phrase “Internet of Things” (IoT) probably conjures up a half-fantastic future in which refrigerators monitor their own contents and send orders direct to the grocer when the butter is running out, while tired commuters order baths to be drawn automatically using their smartphones as they approach their houses in their self-driving cars. Actually, though, a version of the IoT is already here. Wi-Fi hubs, smart televisions, digital video-recorders and the like are all part of a network of devices run by microprocessors that, just as much as desktop, laptop and tablet computers, form part of the internet—but with one crucial distinction. Unlike things immediately recognisable as computers, these devices are often designed with poor security, or even none at all. They are wide open to malicious hackers who might wish to misuse them. And there are already around 5 billion of them, according to Cisco, the world’s largest computer-networking company, with billions more to come in the years ahead.
One favourite trick of such hackers is the distributed denial of service attack, or DDoS. This temporarily enslaves a number of internet-enabled devices into an arrangement known as a botnet, and then directs this net to send simultaneous requests for attention to a single machine or cluster of machines, thus overwhelming it and making it unusable. Such attacks may be carried out by organised criminals, to hold a firm to ransom; by cyber-savvy countries, as a tool of low-level warfare—or, as in the case of one of the latest attacks, for revenge.
The victim is Brian Krebs, an American journalist who often reports on internet criminals, including those who run DDoS-for-hire services, and also those involved in the “dark” markets that trade in stolen identities and credit-card details. In the past, some of the people he has annoyed have sent heroin to his home while alerting the police to the fact they might find the drug there. This time, the very internet itself was turned against him. On September 20th Mr Krebs’s web server became the target of one of the largest DDoS attacks ever recorded—between 600 billion and 700 billion bits per second, or almost half a percent of the internet’s entire capacity, for hours at a time.
At first, his “network mitigation provider”, a firm called Akamai that was supplying its services to him free, for the general good of the field, was able to ward off these attacks. Eventually, though, it had to surrender. On September 23rd, with his agreement, it cut him loose and he had to shut down until he could make alternative arrangements.
Though Mr Krebs’s case is extreme by current standards, there is a risk it will soon become typical. Matthew Prince, the boss of CloudFlare, a firm that helps websites manage heavy traffic and deal with assaults of this sort, says his firm has already seen a sustained ten-day trillion-bits-per-second DDoS attack—though that was launched by a country (he declined to say which) rather than by a private criminal organisation. Other firms, such as OVH, a French web-hosting service, have also reported attacks of this magnitude.
Learn more: Cyber-security – The internet of stings
The Latest on: Cyber security
[google_news title=”” keyword=”Cyber security” num_posts=”10″ blurb_length=”0″ show_thumb=”left”]
via Google News
The Latest on: Cyber security
- Hacked: Increased rate of cyber crime "alarming" - Cyber security experton May 28, 2023 at 12:08 pm
A cyber security firm says hackers are claiming they have access to IT systems at hundreds of New Zealand schools and tertiary institutes as well as stolen personal data from thousands of staff and ...
- Hackers selling access to school IT systems, cyber security firm sayson May 28, 2023 at 10:59 am
A cyber security firm says it found hackers last year selling logins and passwords of thousands of school and tertiary students and staff.
- Christopher Krebs said bad actors can take advantage of U.S.' cybersecurity "vulnerabilities"on May 28, 2023 at 10:26 am
Christopher Krebs, cybersecurity expert and analyst, tells "Face the Nation" that the U.S. is "highly dependent" on technologies and "we don't always implement them in the right way." That can allow ...
- Mastercard partners Ghana Cyber Security Authority to fight fraudon May 28, 2023 at 2:21 am
Mastercard, in partnership with the Ghana Cyber Security Authority (CSA), has hosted the first-ever Fraud and Cyber Security Forum in Ghana to address fraud.The event brought together key players in ...
- Is cybersecurity an unsolvable problem?on May 27, 2023 at 6:12 am
And his conclusion about what can be done about it might prove a bit controversial: there is no permanent solution to the cybersecurity problem. "Cybersecurity is not a primarily technological problem ...
- N.C. Selects Chief Risk Officer to Lead Cybersecurity Efforton May 26, 2023 at 2:16 pm
The 25-year cybersecurity expert, currently the security leader for the state elections board, plans to strengthen the IT department's cyber maturity via deeper collaboration with local, state and ...
- Another Vulnerability for Cybersecurity of Retirement Plan Data: Auto-Portabilityon May 26, 2023 at 2:00 pm
A recent phishing incident related to a Retirement Clearinghouse (RCH) employee email account caused RCH to alert more than 10,500 individuals on May 12, 2023 that their personal data (including their ...
- 6 Cybersecurity Software Stocks Could Be Set Up for Huge Second Half 2023 Gainson May 26, 2023 at 4:12 am
We screened our 24/7 Wall St. cybersecurity stock universe looking for companies with Buy ratings and strong positions in the industry. Six top stocks continue to stand out, and they look to remain on ...
- 13-year-old graduates from Oklahoma City Community College with science and cybersecurity degreeon May 25, 2023 at 1:15 pm
Elijah Muhammad, 13, graduated from Oklahoma City Community College with degrees in computer science and cybersecurity.
via Bing News