TO A layman, the phrase “Internet of Things” (IoT) probably conjures up a half-fantastic future in which refrigerators monitor their own contents and send orders direct to the grocer when the butter is running out, while tired commuters order baths to be drawn automatically using their smartphones as they approach their houses in their self-driving cars. Actually, though, a version of the IoT is already here. Wi-Fi hubs, smart televisions, digital video-recorders and the like are all part of a network of devices run by microprocessors that, just as much as desktop, laptop and tablet computers, form part of the internet—but with one crucial distinction. Unlike things immediately recognisable as computers, these devices are often designed with poor security, or even none at all. They are wide open to malicious hackers who might wish to misuse them. And there are already around 5 billion of them, according to Cisco, the world’s largest computer-networking company, with billions more to come in the years ahead.
One favourite trick of such hackers is the distributed denial of service attack, or DDoS. This temporarily enslaves a number of internet-enabled devices into an arrangement known as a botnet, and then directs this net to send simultaneous requests for attention to a single machine or cluster of machines, thus overwhelming it and making it unusable. Such attacks may be carried out by organised criminals, to hold a firm to ransom; by cyber-savvy countries, as a tool of low-level warfare—or, as in the case of one of the latest attacks, for revenge.
The victim is Brian Krebs, an American journalist who often reports on internet criminals, including those who run DDoS-for-hire services, and also those involved in the “dark” markets that trade in stolen identities and credit-card details. In the past, some of the people he has annoyed have sent heroin to his home while alerting the police to the fact they might find the drug there. This time, the very internet itself was turned against him. On September 20th Mr Krebs’s web server became the target of one of the largest DDoS attacks ever recorded—between 600 billion and 700 billion bits per second, or almost half a percent of the internet’s entire capacity, for hours at a time.
At first, his “network mitigation provider”, a firm called Akamai that was supplying its services to him free, for the general good of the field, was able to ward off these attacks. Eventually, though, it had to surrender. On September 23rd, with his agreement, it cut him loose and he had to shut down until he could make alternative arrangements.
Though Mr Krebs’s case is extreme by current standards, there is a risk it will soon become typical. Matthew Prince, the boss of CloudFlare, a firm that helps websites manage heavy traffic and deal with assaults of this sort, says his firm has already seen a sustained ten-day trillion-bits-per-second DDoS attack—though that was launched by a country (he declined to say which) rather than by a private criminal organisation. Other firms, such as OVH, a French web-hosting service, have also reported attacks of this magnitude.
Learn more: Cyber-security – The internet of stings
The Latest on: Cyber security
via Google News
The Latest on: Cyber security
- Intel Capital Invests In Innovation To Improve Cybersecurity For Everyoneon November 15, 2019 at 1:05 pm
It’s time for a new cybersecurity strategy. It takes a village as they say, though, which is why Intel Capital is focused on investing in a diverse portfolio of innovative cybersecurity companies.
- Two Colorado cybersecurity employees were arrested doing their jobs. It's shaken the entire industry.on November 15, 2019 at 11:57 am
Two employees of a well-known Westminster-based cybersecurity firm have been arrested for ostensibly doing their jobs, prompting questions about new risks for the information-security industry. In ...
- Cybersecurity expert Alex Stamos on Facebook’s counter-terrorism team and the private-public divideon November 15, 2019 at 8:33 am
Last night, at a StrictlyVC event in San Francisco, he talked with New York Times cybersecurity correspondent Sheera Frenkel about a small number of these massively impactful issues, first by ...
- Cybersecurity remains the top concern for middle market companieson November 15, 2019 at 7:21 am
Looking ahead at the next 12 months, middle market companies are most concerned with their cybersecurity strength. As businesses become more digital, these organizations believe security risks will ...
- Ordr Extends NIST Cybersecurity Framework to All Connected Assetson November 15, 2019 at 6:59 am
The National Institute of Technology (NIST) Cybersecurity Framework (CSF) provides security guidelines designed to secure critical infrastructure from cyber threats and improve cybersecurity risk ...
- Is There Really A Cybersecurity Skills Gap?on November 15, 2019 at 5:04 am
There is much discussion of a skills gap within cybersecurity. Cybersecurity Ventures predicts 3.5 million unfilled cybersecurity jobs by 2021. But recently, more people have been suggesting that the ...
- The Time to Tackle Cybersecurity in Self-Driving Cars Is Now | Opinionon November 15, 2019 at 4:56 am
But when looking at both of these stories underneath the same lens, they reveal threads of an undiscussed narrative regarding cybersecurity in autonomous cars. Mainly, that there isn't enough. This ...
- U.S. Investors Focus on Cybersecurity as Data Concerns Deepenon November 15, 2019 at 4:31 am
How good a company is at cybersecurity is joining factors such as greenhouse-gas emissions and directors’ pay when it comes to investors evaluating whether or not to buy in. Private-equity firms, ...
- Cybersecurity is heading into a recruitment crisis: Here's how we fix the problemon November 15, 2019 at 1:31 am
There are nearly 3 million people working in cybersecurity worldwide, according to the 2019 (ISC)2 Cybersecurity Workforce study. The problem with that is we need another 4 million people to fill ...
via Bing News