US Has A Strategy To Defend Against Another Massive IoT Attack

The US Department of Homeland Security is working with law enforcement and private companies to find ways to prevent another distributed denial of service attack like the one that occurred on October 22nd.

The basic pattern of a DDoS attack is nothing new: an attacker uses malware to recruit internet-connected computers into a globe-girdling robot army, which upon command overwhelms its target with unwanted requests. What’s changing is the tremendous growth in the Internet of Things, or IoT: the devices, from PCs to home routers to smart refrigerators, that we attach to the net. Far too many of these are installed with widely known factory-default passwords or other vulnerabilities, making them easy recruits for bot armies.

“The volume of DDoS attacks has more than doubled over the last 18 months. It’s now approaching 650 gigabytes a second. That’s only possible because they’ve been recruiting IOT devices,” said one government official with direct knowledge of the attack. “We need to have a deliberative conversation about baking in security as much as possible into Internet of Things devices.”

US officials believe the cyberattack that interrupted Twitter, Netflix and other websites has been mitigated, Homeland Security Department Secretary Jeh Johnson said in a statement recently. DHS held an information sharing conference call with 18 major communication services providers the day the distributed denial of service, or DDoS, attack occurred, said Johnson.

DDoS attacks involve hacking into unsecured computers and other internet-connected devices, then using those devices to flood a site with more requests and commands than it can handle. The recent attack targeted Dyn, a company that provides web optimisation services to numerous major Internet companies.

Johnson confirmed security researchers’ reports that the attack used a type of malware called Mirai, which targets connected devices such as webcams and entertainment systems, and was earlier used to attack the website of cybersecurity reporter Brian Krebs and a French internet service provider.

The DHS cyber operations hub, the National Cybersecurity Communications and Integration Center, is working with law enforcement and private companies on ways to combat the malware, Johnson said.

DHS is also working on a set of strategic principles for securing connected devices, known as the Internet of Things, which will be released in coming weeks, he said.

The Internet of Things has grown exponentially in recent years but the security of those devices has lagged, Joshua Corman, director of the Atlantic Council’s Cyber Statecraft Initiative, told reporters in a conference call today. Many connected devices carry known software vulnerabilities that can be exploited by hackers, but consumers either don’t know how to patch those vulnerabilities or, in some cases, aren’t able to, he said.

On an individual level, those vulnerabilities—a connected refrigerator sending out spam emails, for example—are not particularly dangerous, he said. When those vulnerabilities are taken in aggregate, however, they can do great damage as the Dyn attack showed.

“There’s a strong instinct to focus on safety critical [systems] where bits and bytes meet flesh and blood,” Corman said. “The cognitive dissonance from this particular set of attacks is you can’t neglect lower-priority devices.”

DefenseOne

 

 
