IoT Botnets and DDoS Attacks: The Stakes Have Changed

IoT devices are attractive to DDoS attackers because so many are shipped with insecure defaults, including default administrative credentials, and a large proportion are rarely, if ever, updated to patch security vulnerabilities. Indeed, many vendors of such devices do not provide security updates at all.

Furthermore, IoT devices are often low-interaction – end-users don’t spend much time directly interfacing with their refrigerator or printer, and so aren’t given any clues that the devices are being exploited by threat actors to launch attacks. The devices are generally always turned on and reside on high-speed networks, which allows a relatively high volume of DDoS attack traffic per compromised device.

There is increasing talk about regulations forcing manufacturers to stop shipping devices with default administrative credentials. Even if this happened tomorrow, there are billions of vulnerable IoT devices out there today. It’s not the future we need to be concerned about, it’s the past.

The stakes have changed.

