Storage limitations and network capacity leave simple IoT, Internet of Things, devices such as routers highly vulnerable to cyber-criminals. Distributed Denial-of-Service, DDoS attacks on IoT have become a growing challenge. We are going to look at the types of DDoS attacks and what we can do as users to protect our routers and smart devices.
Use of proxy service
The providers of this service have increased vastly. In various case studies, IoT devices have appeared on searches as residential proxies.
Simple IoT devices like routers and other smart devices are already susceptible to DDoS attacks as they are able to connect online without a human giving access. A proxy service like Smartproxy can provide you with a forward proxy to protect your devices.
IoT Devices Vulnerability
By scanning the internet for devices that were exposing their Telnet port, a hacker was able to publish a list of over 500,000 user credentials. The hacker tried various username and password combinations to create a ‘bot list’ from routers and other smart IoT devices. This 2019 infiltration followed a similar list that was leaked in 2017 with 33,000 Telnet routers on it.
It is worth noting that those devices using forward proxies did not appear on either of these lists and remain safe. This fact further supports the use of forward proxies as a means to protect not only your personal data but also access to your IoT devices.
In 2016 a botnet that had managed to accumulate 400,00 bots rendered everyday applications like Twitter, Paypal, Netflix, and Amazon unavailable for hours. The attack infected an internet infrastructure provider with a wave of DNS queries from millions upon millions of IP addresses. The fake traffic blocked genuine DNS inquiries.
What Is a Botnet and Why Is it a Threat?
A botnet can be defined as a network of infected private computers with malicious software. The owners of the computers will not know that the device has been infected and is being used as part of a malicious network of bots. Netlab 360 researchers discovered a botnet that was in control of over 100,000 routers in 2018. Can you imagine the damage a botnet of this size can cause?
The infected house and small-office routers were from different manufacturers. This finding showed that many IoT gadgets ran without any protection and had critical vulnerabilities on their shared hardware. Patches usually provide security. Patches were released to help limit the threat but unfortunately, patching is no help against threats that aren’t discovered at the moment they are released.
The Universal Plug and Play, UPnP, protocol paved the way for a botnet like the one mentioned above to be created. UPnP makes it easier for various devices on a network to find each other and connect automatically. It has been shown to have weaknesses that allow hackers to control all the instruments on a single network. Once infected, devices can proxy to mail servers such as Yahoo Mail, Hotmail, and Outlook.
IoT devices are so well connected that they can affect others on a global scale very quickly if one is infected.
Different Types of DDoS Attacks
A Distributable Denial-of-Service, DDoS, is an unwarranted attempt to deny users access to a service. It is done by interrupting or stopping the service of its hosting server. A botnet can be used to launch a global DDoS attack from one network connection. DDoS attacks prey on the limited resources in IoT devices, thus slowing them down or rendering them completely useless. There are generally three types of DDoS attacks, all of which can cause extensive system damage.
Volume Based Attack
It saturates the attacked site’s bandwidth with UDP floods, ICMP floods, amongst other spoofed-packet floods. Volume Based Attacks are measured in beats per second, bps.
This one eats away at the server resources, putting intermediate communication equipment like firewalls and load balancers at risk. Examples include Smurf DDoS, Ping of Death, and SYN floods. The standard measurement for Protocol Attacks is packets per second, Pps.
Application Layer Attacks
Application Layer Attacks come disguised as innocent and straightforward requests that target the web server. GET/POST floods target Windows and OpenBSD weaknesses. The measurement is done in requests per second, Rps.
The motivation behind DDoS attacks varies, but they have quickly become one of the most common forms of cyber threat. Some hackers are simply bored, while others use DDoS to target business competitors.
How You Can Protect Your Devices
All routers and similar gadgets come with a default admin login printed on them. As soon as you have set up the device, change the login details. Avoid using easy-to-get passwords.
It is advisable to close off Telnet and any other remote access devices when not in use. Disable any Remote Management settings on the smart device. Attacks can come from a remote computer controlling another one.
Disable UPnP Settings
Universal Play-n-Play settings are on all IoT devices by default, inviting all sorts of malware to infect the local network.
Use Online Tools
Always keep all your devices updated with the latest software, firmware, and patches. Look for online tools to identify any weakness on your routers and other IoT gadgets.
DDoS and Botnets are becoming more of a threat and in order to combat that threat we need to ensure we take all the necessary precautions. This includes installing updates and patches regularly, using strong passwords and malware protection and even setting a residential proxy to further protect our devices and ensure our anonymity.