
Gafgyt and beyond: Inside IoT DDoS Malware


In a Distributed Denial of Service (DDoS) attack, a cyber attacker overwhelms their target by bombarding them with enormous quantities of fake data, knocking them offline or significantly impeding their ability to offer regular service to legitimate customers.

Because it’s challenging to overwhelm a target on your own, DDoS attacks almost always use a botnet, a zombie army of remote-controlled connected devices, which can launch coordinated attacks to consume a victim’s upstream bandwidth.

Picture it like recruiting a group of friends, acquaintances, and anyone else with access to a phone whom you can persuade to repeatedly call a local business at a particular time. While you could be a nuisance by doing this yourself using a single phone line, getting a large group of people to do so lets you tie up as many phone lines as the target company might have open at once. You also make it much harder for the beleaguered business to trace the party responsible, since all the calls come from different numbers.

A botnet works a lot like this. It refers to a collection of internet-connected devices that have been infected with malware so that hackers can control them. The name “botnet” is a combination of “robot” and “network.” The biggest botnets have involved hundreds of thousands or even millions of connected devices. Targets without the proper DDoS mitigation tools can be in serious trouble.

1. Attacking IoT devices

Virtually any internet-connected device can be used as part of a botnet. All that’s required is that it can send messages on command. That means that while malware-infected desktop and laptop computers have been used in botnet-driven DDoS attacks, so too have smartwatches, intelligent security cameras, intelligent kitchen appliances, and home routers.

Some of the devices are ones their owners may not even think of as computers, although that’s precisely what they are. They may also have no awareness that their device is part of a botnet, perhaps only experiencing the occasional slowdown in service — since many devices in a botnet lie dormant until they’re used for a DDoS attack or, sometimes, for sending spam messages.


There are many significant advantages to cyber attackers targeting Internet of Things (IoT) devices such as IP cameras and intelligent refrigerators for DDoS attacks. One is the massive number of devices that they can potentially target. According to consumer data company Statista, the average number of connected devices per household in the United States last year was 10. Globally, the firm claims that there are around 21.5 billion interconnected devices.

Just as important is the fact that, in many cases, IoT security can be surprisingly poor. That makes these devices comparatively easy for IoT botnets to compromise. Poor security may stem from weak and guessable passwords, often left unchanged from their defaults, insecure ecosystem interfaces, flawed security update methodologies, and more.

2. Botnets in action

Whatever the reasons, hackers have wasted no time targeting these vulnerabilities to build bigger, worse botnets. The devastating Mirai botnet, which emerged in 2016, infected IoT devices by scanning the internet for open ports and then trying to access them by using a list of more than 60 default passwords. It was used as part of multiple DDoS attacks.

Mirai’s tricks continue to be used in similar botnets. More recently, variations of a botnet malware family called Gafgyt have used code from the Mirai botnet to target and potentially infect susceptible IoT devices, including routers made by Huawei and Realtek. By exploiting vulnerabilities in these devices, it downloads malware payloads that can be used to stage DDoS attacks.

DDoS attacks have been around for decades, but the approaches used by attackers continue to evolve. As seen with the Gafgyt malware and the continued threat of Mirai and Mirai-inspired botnets, attackers constantly tweak their systems to build larger, more dangerous botnets which can be used to inflict harm on targets.
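The scan-and-guess behaviour described above for Mirai leaves a recognisable trace in login records: one source trying several different factory-default pairs in quick succession. The following detector is an added example, not code from the original article; the log format, the credential list, and the sample lines are all constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample of factory-default pairs (not Mirai's actual list); load
# the defaults that apply to your own device fleet in practice.
DEFAULT_CREDS = {("admin", "admin"), ("root", "root"), ("root", "12345"),
                 ("admin", "password"), ("support", "support")}

# Hypothetical line format for a login honeypot that records attempted credentials.
LINE_RE = re.compile(r"^(?P<ts>\S+) login (?P<result>fail|ok) src=(?P<src>\S+) "
                     r"user=(?P<user>\S+) pass=(?P<pw>\S+)$")

def find_default_credential_sweeps(lines, window=timedelta(seconds=60), threshold=3):
    """Map each source that tries >= threshold distinct default pairs inside
    `window` to 'sweep', or 'sweep+compromise' if a default-pair login succeeded."""
    attempts = defaultdict(list)  # src -> [(timestamp, (user, pw), result)]
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # not a login record in the assumed format
        pair = (m["user"], m["pw"])
        if pair in DEFAULT_CREDS:
            attempts[m["src"]].append((datetime.fromisoformat(m["ts"]), pair, m["result"]))
    findings = {}
    for src, events in attempts.items():
        events.sort(key=lambda e: e[0])
        start = 0
        for end in range(len(events)):
            # Slide the window so it spans at most `window` of wall-clock time.
            while events[end][0] - events[start][0] > window:
                start += 1
            if len({pair for _, pair, _ in events[start:end + 1]}) >= threshold:
                compromised = any(result == "ok" for _, _, result in events)
                findings[src] = "sweep+compromise" if compromised else "sweep"
                break
    return findings

# Constructed sample log (documentation-range addresses).
SAMPLE_LOG = [
    "2024-05-01T10:00:01 login fail src=198.51.100.7 user=admin pass=admin",
    "2024-05-01T10:00:03 login fail src=198.51.100.7 user=root pass=root",
    "2024-05-01T10:00:05 login ok src=198.51.100.7 user=root pass=12345",
    "2024-05-01T10:02:00 login fail src=192.0.2.10 user=admin pass=admin",
    "2024-05-01T10:00:02 login fail src=203.0.113.9 user=admin pass=admin",
    "2024-05-01T10:05:02 login fail src=203.0.113.9 user=root pass=root",
    "2024-05-01T10:10:02 login fail src=203.0.113.9 user=support pass=support",
]

if __name__ == "__main__":
    print(find_default_credential_sweeps(SAMPLE_LOG))
```

A single mistyped default login from one address is ignored, and a slow sweep spread over ten minutes is only caught when the window is widened, which is the trade-off to tune against your own traffic.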

3. Defending against DDoS

Anyone in possession of an IoT device should take steps to ensure that it is adequately secured. This involves changing the name and default password of machines, using strong passwords, making sure that firmware updates are downloaded and installed, and avoiding using public Wi-Fi to access IoT networks.

To defend against DDoS attacks, you should also make sure that you deploy the correct anti-DDoS tools. This includes solutions for DDoS detection (able to recognize attacks as rapidly as possible), diversion (to defend against application-layer and network-layer attacks), filtering (blocking malicious traffic while continuing to let legitimate users through), and analysis (to gather information about attacks and attempted attacks).

Distributed Denial of Service attacks (DDoS attacks) are not going away any time soon. The most that companies can hope for is to prepare for them and figure out how best to mitigate them. Given the potential damage they can cause — from unwanted downtime to long-term reputational damage — this is one of the smartest investments you can make.


How Zero Trust Networks Operate


Zero-trust network access (ZTNA) is a way of limiting who is allowed to access enterprise networks. As the name implies, ZTNA doesn’t make any assumptions about unknown endpoints, users, or applications other than that they might be untrustworthy. To combat the ongoing risks associated with allowing dangerous actors or applications to exploit network vulnerabilities, ZTNA draws a hard line in the sand and requires proof of authentication and authorization.

It’s worth noting that ZTNA works by granting access only to the information a user needs to know, and no more. While this might seem restrictive, it’s not overly cumbersome when you consider the problems resulting from a data breach. In essence, ZTNA reimagines what it means to secure networks. Instead of creating a perimeter of security—a concept popularized by firewalls and other similar technologies—ZTNA focuses on building trust at the individual access level.

There are a few reasons why the traditional ways of securing networks, while still valuable, aren’t sufficient for in-depth protection in today’s world. A big part of the issue is that more and more operations are moving to the cloud and remote locations. As networks have to expand to meet this demand, older forms of perimeter protection can’t keep up. But how do zero-trust networks operate, and what exactly makes them more effective than other types of security?

1. What Are the Key Features of Zero-Trust Network Access?

When thinking about ZTNA, it’s helpful to conceptualize it as part of the DNA of your network. Implementing a ZTNA means that every aspect of how your network security functions must follow its protocols. By creating this kind of zero-trust network access, organizations can do a much more thorough job of controlling who’s allowed to access corporate data. These are a few of the key features that are essential to ZTNA:

Comprehensive, Secure Connection – No matter where legitimate users are located, they need to access enterprise networks safely. Good ZTNA creates an ecosystem where all connected users and applications can confidently connect without worry.


Integration with Cloud Platforms and Applications – Your networks aren’t just your own in today’s world. The vast majority of organizations utilize public and hybrid cloud models and use large suites of third-party apps. Integrating internal ZTNA policies with these essential network technologies will help keep your enterprise safer in this ever-changing landscape.

Keep Them Separated – An actual zero-trust architecture doesn’t compromise when segregating potential threat vectors and authentication tools. Keeping each piece independent facilitates a complete zero-trust environment.

Get Experts on Your Team – No matter the skill of your internal IT department, having the expertise of ZTNA experts from a security service provider will create whole new levels of safety.

Don’t Compromise on Reaching Users and Devices – For ZTNA to be fully effective, it needs to be comprehensive. This means every user and device connecting to enterprise networks must pass muster.
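To make the contrast between a perimeter and per-access trust concrete, here is an added example (not from the original article) that evaluates the same requests under both models. The users, resources, grant table, posture flag, and the 10.0.0.0/8 internal range are all assumptions chosen for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Request:
    user: str
    mfa_verified: bool      # proof of authentication for this session
    device_compliant: bool  # result of a device posture check (assumed signal)
    src_ip: str
    resource: str
    action: str

# Hypothetical need-to-know grants: (user, resource) -> allowed actions.
GRANTS = {("alice", "payroll-db"): {"read"},
          ("bob", "build-server"): {"read", "deploy"}}

CORP_NET = ip_network("10.0.0.0/8")  # assumed internal address range

def perimeter_decision(req):
    """Perimeter model: anything already inside the network is trusted."""
    return ip_address(req.src_ip) in CORP_NET

def zero_trust_decision(req):
    """Per-access model: deny by default. Every check must pass on every
    request, and network location earns no trust at all."""
    if not req.mfa_verified:
        return (False, "unauthenticated")
    if not req.device_compliant:
        return (False, "device failed posture check")
    if req.action not in GRANTS.get((req.user, req.resource), set()):
        return (False, "no grant for this resource/action")
    return (True, "granted")

# Constructed requests: a compromised device inside the network, a legitimate
# remote user, and that same user asking for more than she was granted.
INSIDE_DEVICE = Request("ipcam-17", False, False, "10.4.2.9", "payroll-db", "read")
REMOTE_ALICE = Request("alice", True, True, "203.0.113.50", "payroll-db", "read")
ALICE_WRITE = Request("alice", True, True, "203.0.113.50", "payroll-db", "write")

if __name__ == "__main__":
    for r in (INSIDE_DEVICE, REMOTE_ALICE, ALICE_WRITE):
        print(r.user, r.action, perimeter_decision(r), zero_trust_decision(r))
```

The perimeter check admits the compromised internal device and rejects the legitimate remote user, while the per-access check does the opposite and still refuses the write that falls outside the user's grant.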

2. How Do Technologies Integrate Zero-Trust Network Access?

Certain technologies integrate ZTNA into larger, overarching tools. Secure access service edge (SASE) is one example of this. With SASE, you’re getting a combination of a software-defined wide-area network (SD-WAN) with a lineup of cutting-edge security tools.

The best SASE offerings out there today will typically have an option for enterprises to enact ZTNA protocols on their networks. Having ZTNA come as part of a more extensive offering can help drive cost savings and foster a more airtight and seamless security architecture.

The world of cybersecurity is constantly changing. It’s the job of enterprises to keep up with this, or else risk the loss of critical data. Adopting zero-trust network access policies can help organizations keep threats at bay.
