Distributed denial-of-service attacks are a modern cybersecurity threat that keeps on evolving and becoming more dangerous. It has the potential to seriously affect businesses worldwide by shutting down their websites or online operation networks. Both big corporations and small businesses need to always keep the possibility of a DDoS attack in mind and prepare accordingly.
Over the last several years, the majority of DDoS attacks were executed with the help of Internet of Things (IoT) devices. Hackers have been focusing on using those devices for their DDoS attack attempts and the trend shows that they will do it even more in the future. But how exactly do hackers use IoT devices to perform DDoS attacks? Is there anything that manufacturers or users of such technology can do to prevent them?
In this article, we will answer those and many other related questions. First, let’s begin by taking a deeper look at what exactly DDoS attacks are and how they work.
What Are DDoS Attacks?
DDoS attacks involve a network of bots or other software tools that generate a big amount of artificial traffic to a server. The targeted server tries to process all requests but fails due to their overwhelming number. While trying to deal with the fake traffic, the server cannot handle requests from actual users. Eventually, the server is rendered unusable until the fake traffic stops being generated.
There are several types of DDoS attacks, but all of them work in essentially the same manner. The hackers use fake traffic to overload a server or a website and essentially take it out. But what is the most efficient method of generating this artificial traffic? In recent years, it has become clear that IoT devices are one of the best ways of doing just that.
How Hackers Use IoT for DDoS Botnet Attacks
IoT devices in general do not have state-of-the-art security measures installed. A device with a weak or non-existent password, inability to patch easily exploitable firmware, or problems with authentication and data transfer systems is perfect for a hacker to exploit. Using automated attacks on the most common IoT vulnerabilities, hackers can install malware and essentially add a device to a vast network of bots (a botnet). This network can then easily be used to conduct DDoS attacks.
Data shows that the most common botnets come from devices located in China. The USA and South Korea are pretty much tied for second place. However, Brazil is the country that hosts the most active botnets out there.
One of the key benefits that IoT devices offer to hackers is that they use WS-Discovery (WSD) — a widely used protocol for finding and connecting to other devices that are close by. Hackers use WSD hosts to amplify the efficiency of their DDoS attacks up to 95%.
WSD protocols are useful for hackers because there are more than 800,000 WSD hosts around the world. WSD hosts automatically process and answer unverified requests without running any integrity checks. You can see how this is a huge advantage for botnets, as they can stay under the radar and avoid detection.
Why IoT DDoS Attacks Are On the Rise
The use of WSD protocols is getting increasingly popular, which makes IoT-based DDoS attacks easier and more effective. In addition, there are other new amplification methods that IoT devices use that are perfect for bots to take advantage of. Those include:
- Simple Service Delivery Protocol (SSDP)
- Simple Network Management Protocol (SNMP)
- Trivial Transfer File Protocol (TTFP)
In the end, IoT devices become the perfect tool to execute DDoS attacks on a massive scale. The use of WSD is especially popular since it allows bots to go through the majority of automated security checks — they use a port that almost never blocks this specific amount of traffic.
5G Networks Will Only Make Matters Worse
The new 5G networks are already generating much criticism. However, when you put the conspiracy theories aside, they can be a game-changer for IoT-based DDoS attacks — unfortunately, for the worse. The increase in bandwidth and low latency that 5G offers will allow a huge number of additional devices to be hooked up to global networks at the same time. Apart from just adding more devices for hackers to exploit, 5G will also make DDoS attacks more efficient. The low latency 5G features will drastically reduce the response time to DDoS attacks to mere seconds.
On the other hand, 5G will also provide an environment for better-automated security protocols and defenses that work with machine learning. In the end, we will have to wait and see how this battle will eventually play out.
How Can We Prevent IoT DDoS Attacks?
Unfortunately, it is virtually impossible to completely stop hackers from taking advantage of IoT devices for their DDoS attacks. However, we can try to limit the number of devices that can be hacked. Preventative measures can go a long way in limiting the scope of such attacks. If our company’s IoT devices communicate through a segmented network that prohibits outside traffic, hacking attempts will be essentially blocked. Users should also take the time to update the security of their devices, including anti-malware solutions, strong passwords, and anti-virus software.
What Do DDoS Attacks Mean for the IoT Industry?
As for the industry itself, IoT manufacturers need to do more when it comes to the security of their devices. While the industry is largely unregulated right now, the frequency and impact of DDoS attacks might change that status quo. With massive DDoS attacks executed through IoT, the attention of cybersecurity experts turns to the manufacturers for answers and accountability.
The companies need to reassess their approach to security and outfit devices with advanced measures, designed to counter hacker activity. Otherwise, the IoT industry might be forced to do it through punishing legislation.
To sum it all up — IoT provides hackers with the optimal means of executing DDoS attacks on a large scale. The recent technological developments only make the situation worse and action needs to be taken soon. While users should do their part and ensure the security of their devices, it falls down on IoT manufacturers to start implementing enhanced security measures on their devices.