State of IoT security takes center stage in wake of record-setting DDoS attack
A massive cyberattack driven by hijacked web-connected devices has raised alarms about the present state of IoT security and given security providers an urgent push to immediately enhance their protection measures.
A recent distributed denial-of-service (DDoS) attack against one of the world’s top cybersecurity bloggers used a massive network of hijacked IoT devices to overwhelm the website with heavy traffic. This attack may have utilized 1 million different devices to build a botnet that’s never been seen before by security providers, according to CIO. The blog’s security provider, Akamai, was able to combat the traffic attack for three days before it pulled the plug on its own security efforts.
The decision to relinquish its security came after the company spent an enormous amount of money trying to stop the attack. The company said that the consumption of resources used to battle that traffic became no longer maintainable. The owner of the security website, Brian Krebs, said he understood Akamai’s decision to stop providing security, tweeting, “I likely cost them a ton of money today.”
The incident is considered to be the largest DDoS attack ever, comprising double the amount of activity that Akamai has ever seen.
This attack is a wake-up call to enterprises to upgrade their IoT security — and fast. With device hijacking increasing the potential scale for botnet-based attacks, companies must upgrade the DDoS protections currently safeguarding their digital presence.
Enterprises should subsequently put pressure on their security providers to make immediate enhancements that provide better security from IoT attacks at a much greater scale. This demonstration of the power of IoT hijacking could help other brands avoid similar fates, but only if they act quickly to invest in better protection.
If organizations’ current security provider can’t account for this growing threat, it may be time to reconsider their options.