Reading another article about how “theoretically” IoT devices can be used to create havoc on the internet and bring down society as we know it!
Scary hey … but largely rubbish if you read the articles. Semantics are just trying to scare people into buying their software. the article provides no real evidence of IoT being responsbile for the DDoS attaches and the example they give are not even IoT devices.
“Just this month the security vendor Sucuri reported on a large DDoS attack launched from 3 different types of botnets (CCTV botnet, home router botnet and compromised web servers). While not commonly seen in the past, attacks originating from multiple IoT platforms simultaneously may be seen more often in the future, as the amount of the embedded devices connected to the Internet rises.”
KerbsonSecurity try to relate their DDoS attack to IoT to get publicity with this very weak link to IoT.
“There are some indications that this attack was launched with the help of a botnet that has enslaved a large number of hacked so-called “Internet of Things,” (IoT) devices — routers, IP cameras and digital video recorders (DVRs) that are exposed to the Internet and protected with weak or hard-coded passwords.”
I am not sure when routers, IP cameras and DVRs became IoT devices? Aside from the “some indications” .. yeah, what indications? Can’t see any cause and effect in this statement.
Now, I am certainly not saying that security is not important for IoT – nobody wants someone hacking into their autonomous car or flashing the cities smart street lights in time with their favourite song … but these alarmist, self-serving, articles do nothing but confuse the general public and trivialise the real job of properly securing IoT devices, networks and platforms.
If you are interested in reading something useful on the topic, start with whttps://www.pubnub.com/blog/2015-05-04-10-challenges-securing-iot-communications-iot-security/ which provides some good practical considerations for those building IoT solutions.