A Denial of Service (DoS) attack happens when a service that would usually work becomes unavailable. There can be many reasons for unavailability, but it usually refers to infrastructure that cannot cope due to capacity overload.
The Denial of Service attacks we will be discussing today are Distributed Denial of Service (DDoS) attacks, which result from a large number of systems maliciously attacking one target. This is often done through a botnet, where many devices are programmed (often unbeknownst to their owners) to request a service at exactly the same time.
In comparison to hacking attacks like phishing or brute-force attacks, DoS doesn’t usually try to steal information or lead to a security breach, but the loss of reputation for the affected company can still cost a large amount of time and money. Often customers also decide to switch to an alternative provider, as they fear future security issues, or simply can’t afford to have an unavailable service. A DoS attack lends itself to activists and blackmailers – not really the best situation for companies to find themselves in.
How can Denial of Service attacks have such a big impact in the IoT?
The Internet of Things offers a wide variety of smart devices – all of which face the difficulty of securing overall privacy. Because the devices are all so different, their heterogeneous nature is often used as an excuse by manufacturers and owners alike to skip sufficient security controls.
A DDoS attack is directed at the same target from many different sources – and here the Internet of Things must feel to hackers a bit like a toyshop would to children: millions of devices, all too often unprotected and unmonitored for long periods of time. The scale at which these attacks are now possible is rising tremendously with the advancement of the Internet of Things.
Hence it doesn’t come as a big surprise that Akamai researchers say that nearly 21% of DDoS attacks now result from Internet of Things devices. We predict this will only keep increasing over the next few years.
In the past, DDoS attacks were limited to computers and internet-connected machines, usually with a reasonable level of protection. The Internet of Things opens up a large variety of devices to potential attacks – from printers to cameras, fridges, thermostats, sensors and routers, to name a few. Not only is there a sheer number of these devices, but they are often protected with very limited security, if any at all. It is all too easy to exploit those weaknesses and launch large-scale attacks without the knowledge of the owner.
However, not only can connected devices be used for attacks, they can also become the target of said attacks. While a connected fridge that stops working for a while might be very unfortunate for the owner, think about the devices that have a huge impact on many people’s lives, for example: control valves at power plants, sensors used in weather observations, door locks in prisons or traffic signals in so called smart-cities.
Scarily, GCN reports that the search engine Shodan specialises in finding those internet connected devices – hence making it very easy for hackers to find potential targets.
The most well-known and spectacular DoS attacks in the last few years
In 2013: 39 attacks above 100 Gbps (Gigabits per second), which have steadily increased over time.
March 2013: The Spamhaus DDoS attack saw 120 Gbps of traffic hitting its networks – one of the largest attacks up to March 2013.
August 2013: Part of the Chinese internet went down in one of the largest DDoS attacks. Despite having one of the most sophisticated security systems in the world and a government with some of the strongest capabilities to carry out cyberattacks itself, China wasn’t capable of defending itself from the attack.
Summer 2014: A massive 300 Gbps DDoS attack exploited flaws in 100,000 unpatched servers, joined together as a botnet. The target, an unidentified data centre, was faced with a DDoS attack of enormous scale.
December 2014: An unnamed internet service provider experienced an NTP (Network Time Protocol) DDoS attack that reached a new level of strength with 400 Gbps – the largest Denial of Service event in history so far.
Spring 2015: UK-based phone carrier Carphone Warehouse gets targeted by a DDoS attack – while hackers steal millions of customers’ data.
July 2015: The New York Magazine gets hit by a DDoS attack just after publishing interviews of 35 women accusing Bill Cosby of sexual assault.
December 2015: Attackers threatening a DDoS attack on Microsoft’s Xbox Live service claim they will take down both the Xbox Live and PlayStation networks over the Christmas period for up to a week. The attackers are trying to highlight the continued weak security of Microsoft’s services.
January 2016: The latest target of a sophisticated DDoS attack was HSBC, with some of its customers losing access to their online banking accounts two days before the tax payment deadline in the United Kingdom.
Digitaltrends reports that over the last quarter, DDoS attacks grew by 7%, and by 132% compared to 2014. With more and more technical abilities and devices to use for these attacks, DDoS attacks are likely to be here to stay. We also expect more and more mega attacks that reach unknown levels of traffic, targeting relevant and vulnerable industries like gaming and telecoms.
We offer more information about the rising Internet of Things and ways to secure mobile and IoT devices on our website. In addition, our webinar "PKI for the Internet of things" shows how proven technology can be leveraged to identify devices, encrypt communication and ensure data integrity.