Connect with us

Cybersecurity

Gafgyt and beyond: Inside IoT DDoS Malware

In a Distributed Denial of Service (DDoS) attack, a cyber attacker overwhelms their target by bombarding them with enormous quantities of fake data, knocking them offline

mm

Published

on

Best DDoS Protection Techniques

In a Distributed Denial of Service (DDoS) attack, a cyber attacker overwhelms their target by bombarding them with enormous quantities of fake data, knocking them offline or significantly impeding their ability to offer service regular to legitimate customers.

Because it’s challenging to overwhelm a target on your own, DDoS attacks almost always use a botnet, a zombie army of remote-controlled connected devices, which can launch coordinated attacks to consume a victim’s upstream bandwidth.

Picture it like recruiting a group of friends, acquaintances, and anyone else you can persuade with access to a phone to call a local business at a particular time repeatedly. While you could annoy by doing this yourself, using a single phone line, by getting a large group of people to do so, you can tie up as many phone lines as the target company might have open at once. You also make it much harder for the beleaguered business to trace the party responsible since all the calls come from different numbers.

A botnet works a lot like this. It refers to a collection of internet-connected devices that have been infected using malware to be controlled by hackers. The name “botnet” is a combination of “robot” and “network.” The biggest botnets have involved hundreds of thousands or even millions of connected devices. Those targets without the proper DDoS mitigation tools can be in serious trouble.

1. Attacking IoT devices

Virtually any internet-connected device can be used as a botnet. All that’s required is that it can send messages on command. That means that while malware-infected desktop and laptop computers have been used in botnet-driven DDoS attacks, they too have smartwatches, intelligent security cameras, intelligent kitchen appliances, and home routers.

Some of the devices are ones their owners may not even think of as computers, although that’s precisely what they are. They may also have no awareness that their device is part of a botnet, perhaps only experiencing the occasional slowdown in service — since many devices in a botnet lie dormant until they’re used for a DDoS attack or, sometimes, for sending spam messages.

cybersecurity is essential to the global supply chain

There are many significant advantages to cyber attackers targeting Internet of Things (IoT) devices such as IP cameras and intelligent refrigerators for DDoS attacks. One is the massive number of devices that can potentially target. According to consumer data company Statista, the average number of connected devices per household in the United States last year was 10. Globally, the firm claims that there are around 21.5 billion interconnected devices.

Just as important is the fact that, in many cases, IoT security can be surprisingly poor. That makes these devices comparably easy to compromise for IoT botnets. Poor security may stem from weak and guessable passwords, often unchanged from their default passwords, insecure ecosystem interfaces, flawed security update methodologies, and more.

2. Botnets in action

Whatever the reasons, hackers have wasted no time targeting these vulnerabilities to build bigger, worse botnets. The devastating Mirai botnet, which emerged in 2016, infected IoT devices by scanning the internet for open ports and then trying to access them by using a list of more than 60 default passwords. It was used as part of multiple DDoS attacks.

Mirai’s tricks continue to be used in similar botnets. More recently, variations of a botnet malware family called Gafgyt have used code from the Mirai botnet to target and potentially infect susceptible IoT devices, including routers made by Huawei and Realtek. It downloads malware payloads that can be used to stage DDoS attacks by exploiting vulnerabilities in these devices.

DDoS attacks have been around for decades, but the approaches used by attackers continue to evolve. As seen with the Gafgyt malware and the continued threat of Mirai and Mirai-inspired botnets, attackers constantly tweak their systems to build larger, more dangerous botnets which can be used to inflict harm on targets.

3. Defending against DDoS

Anyone in possession of an IoT device should take steps to ensure that it is adequately secured. This involves changing the name and default password of machines, using strong passwords, providing firmware updates that are downloaded and installed, and avoiding using public Wi-Fi to access IoT networks.

To defend against DDoS attacks, you should also make sure that you deploy the correct anti-DDoS tools. This includes solutions for DDoS detection (able to recognize attacks as rapidly as possible), diversion (to defend against application-layer and network-layer attacks), filtering (blocking malicious traffic while continuing to let legitimate users through), and analysis (to gather information about attacks and attempted attacks.)

Distributed Denial of Service attacks (DDoS attacks) is not going away any time soon. The most that companies can hope for is preparing for them and figuring out how best to mitigate them. Given the potential damage they can cause — from unwanted downtime to long-term reputational damage — this is one of the smartest investments you can make.

We are an Instructor, Modern Full Stack Web Application Developers, Freelancers, Tech Bloggers, and Technical SEO Experts. We deliver a rich set of software applications for your business needs.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Computer Network

6 Reasons You Should Have Security Cameras at Your Business

Implementing security cameras in business can Protecting your assets, ensure employee accountability, and provide evidence in legal matters

mm

Published

on

6 Reasons You Should Have Security Cameras at Your Business

Today, more and more businesses are realizing the importance and value of video surveillance systems. Threats from both external and internal sources can be a constant worry for business owners, and peace of mind is scarce.

Having a robust video monitoring system like the one offered by Genetec will help you capture, store, and analyze video footage of everything that goes down on your premises. How will this help you in protecting what matters to you? Let’s find out.

1. Deterring Crime

First of all, video cameras are a natural deterrent for teenage scallywags and serious criminals alike.

If you have cameras visible on your property, anyone with ill intentions will understand that their risk of being caught out is that much higher, and they’ll naturally reconsider their actions.

In this sense, you may never need to use your video cameras for checking out any actual footage – if this is the case, you’ll know that they’ve done their job of preventing any incidents from happening in the first place.

2. Protecting Your Assets

security cameras in business can Protecting your assets

Of course, as a business owner, there are things that are important to you. Whether it’s the property itself, equipment, inventory, or any other valuable assets, it’s important that you have an extra layer of security protecting them – especially if they might make your business a specific target.

Video surveillance is a much more practical and affordable option than having someone physically monitoring your assets 24/7.

3. Keeping Your Employees Accountable

Unfortunately, internal threats are a real thing, and many business owners have suffered at the hands of an “inside job.”

Data theft, physical theft, fraud, and other crimes have seriously impacted a large percentage of businesses, and small businesses are especially at risk.

Having surveillance cameras can help deter any issues of this nature and will further hold your employees accountable to do their jobs and maintain productivity levels.

4. Security Cameras in Business Reduced Insurance Costs

Business owners need to be constantly on the lookout for ways to reduce their costs and increase profit margins. One such way is to ensure you’re keeping your insurance premiums as low as possible – and having a great security system can help you do that.

The better protected your business is, the lower the risk is for incidents, and the less you’ll be charged for your insurance policy.

5. Evidence in Legal Matters

Many businesses will have to face a dispute at some point – between employees, between an employer and an employee, or even between employees and customers. In many cases, a lack of real evidence can make things complicated and even unjust.

Having security footage of your premises can provide important evidence for any disputes or legal matters that might arise, helping you to ensure that things are resolved efficiently and fairly.

6. Peace of Mind

Finally, remember that having peace of mind about the safety of your business, your assets, and your staff is priceless.

Video surveillance offers an extra layer of protection and security that will help you sleep easier at night, knowing that what matters to you is under protection and less at risk.

Continue Reading
Advertisement
Advertisement
Security1 week ago

Key Elements of an Effective Data Security Platform

Blockchain2 weeks ago

Digital Identity Theft and Blockchain Solutions

Bitcoin2 weeks ago

Crypto Dollar-Cost Averaging: A Strategy for Volatile Markets

Technology3 weeks ago

The Role of Advanced Control Systems in Enhancing Industrial Safety

Digital Marketing3 weeks ago

How SEO Proxies Can Help to Promote Your Website

Health Sciences4 weeks ago

Japan Releasing Radioactive Wastewater into the Sea: Why It is a Bad Idea

Bitcoin1 month ago

Bright Days Ahead: Optimistic Trends in the BTC-USD Relationship!

Computer Network1 month ago

6 Reasons You Should Have Security Cameras at Your Business

TwinzTech1 month ago

WoW WotLK Class Guide

Education1 month ago

How To Succeed in a Pharmacoeconomics Degree Program

Advertisement
Advertisement

Trending