TO A layman, the phrase “Internet of Things” (IoT) probably conjures up a half-fantastic future in which refrigerators monitor their own contents and send orders direct to the grocer when the butter is running out, while tired commuters order baths to be drawn automatically using their smartphones as they approach their houses in their self-driving cars. Actually, though, a version of the IoT is already here. Wi-Fi hubs, smart televisions, digital video-recorders and the like are all part of a network of devices run by microprocessors that, just as much as desktop, laptop and tablet computers, form part of the internet—but with one crucial distinction. Unlike things immediately recognisable as computers, these devices are often designed with poor security, or even none at all. They are wide open to malicious hackers who might wish to misuse them. And there are already around 5 billion of them, according to Cisco, the world’s largest computer-networking company, with billions more to come in the years ahead.
One favourite trick of such hackers is the distributed denial of service attack, or DDoS. This temporarily enslaves a number of internet-enabled devices into an arrangement known as a botnet, and then directs this net to send simultaneous requests for attention to a single machine or cluster of machines, thus overwhelming it and making it unusable. Such attacks may be carried out by organised criminals, to hold a firm to ransom; by cyber-savvy countries, as a tool of low-level warfare—or, as in the case of one of the latest attacks, for revenge.
The victim is Brian Krebs, an American journalist who often reports on internet criminals, including those who run DDoS-for-hire services, and also those involved in the “dark” markets that trade in stolen identities and credit-card details. In the past, some of the people he has annoyed have sent heroin to his home while alerting the police to the fact they might find the drug there. This time, the very internet itself was turned against him. On September 20th Mr Krebs’s web server became the target of one of the largest DDoS attacks ever recorded—between 600 billion and 700 billion bits per second, or almost half a percent of the internet’s entire capacity, for hours at a time.
At first, his “network mitigation provider”, a firm called Akamai that was supplying its services to him free, for the general good of the field, was able to ward off these attacks. Eventually, though, it had to surrender. On September 23rd, with his agreement, it cut him loose and he had to shut down until he could make alternative arrangements.
Though Mr Krebs’s case is extreme by current standards, there is a risk it will soon become typical. Matthew Prince, the boss of CloudFlare, a firm that helps websites manage heavy traffic and deal with assaults of this sort, says his firm has already seen a sustained ten-day trillion-bits-per-second DDoS attack—though that was launched by a country (he declined to say which) rather than by a private criminal organisation. Other firms, such as OVH, a French web-hosting service, have also reported attacks of this magnitude.
Learn more: Cyber-security – The internet of stings
The Latest on: Cyber security
[google_news title=”” keyword=”Cyber security” num_posts=”10″ blurb_length=”0″ show_thumb=”left”]
via Google News
The Latest on: Cyber security
- How Much Cybersecurity Expertise Do Boards Really Have?on September 24, 2023 at 9:00 am
The number of directors at S&P 500 companies who have cybersecurity experience has increased sharply since last year. But the amount of cybersecurity expertise on boards remains relatively low, at a ...
- Save on this cybersecurity bootcamp — only $40 this month onlyon September 24, 2023 at 5:10 am
Why are there over a billion views on videos about cybersecurity on TikTok? The answer seems pretty clear. People have a lot of value in digital places and they need their assets protected. This in ...
- State penalizes Broomfield nursing home for cybersecurity breachon September 24, 2023 at 4:37 am
An assisted living facility in Broomfield will pay a fine and be required to upgrade its information security systems following a 2021 data breach that exposed the personal data of hundreds of current ...
- 2 Cybersecurity Stocks You Can Buy and Hold for the Next Decadeon September 24, 2023 at 4:30 am
Founded in 1993 by brothers Tom and David Gardner, The Motley Fool helps millions of people attain financial freedom through our website, podcasts, books, newspaper column, radio show, and premium ...
- Caesars And MGM: Cybersecurity Issues Derail Shares Of Casino Nameson September 23, 2023 at 10:13 am
It would be a nightmare for any large publicly traded American company but imagine the effects of a cyber attack on the security of major casino/resorts based in Las ...
- Ingine’s new cybersecurity service to drive training and jobson September 23, 2023 at 3:07 am
Military-level expertise will usher in a new era of cybersecurity services for local and international companies in Bermuda through a partnership that includes a Bermudian start-up and a Portuguese ...
- Cybersecurity | Protecting and defending the use of cyberspace from cyber attackson September 23, 2023 at 1:03 am
I was fortunate to be invited to present and be a panel member at Digicel’s Cybersecurity Symposium at GPH. The chief guest was the Minister for Home Affairs and so that set a good platform for the ...
- Cisco’s Splunk Deal Shows Allure of AI in Cybersecurityon September 22, 2023 at 9:33 am
The $28 billion acquisition of Splunk by Cisco Systems could create a titan among cybersecurity providers, but such deals can be a mixed blessing for cyber chiefs, experts say.
- SMBs face growing cybersecurity threats, but basic measures can lower riskson September 22, 2023 at 12:19 am
Small and midsize businesses are targets of cybercriminals and might not have expandable resources, but they can take heart in having a smaller attack surface to safeguard.
via Bing News