DDoS using IoT
Comments
-
beads Member Posts: 1,533 ■■■■■■■■■□Now think of the eventuality that this is also your new corporate perimeter. Why you ask? Because people will put all this junk on their corporate owned smartphone to watch their "smart house" which now makes security's job to also indirectly defend your employees home.
And you thought scope creep was just for project management.
- b/eads -
markulous Member Posts: 2,394 ■■■■■■■■□□Yeah, I was shocked when I read that. It was almost twice the size of the attack against Brian Krebs.
I luckily haven't seen any IoT devices at my company. I've had people try to install some of the monitoring software (cameras, smart devices, etc) on their PCs, but I shut that down quick. -
beads Member Posts: 1,533 ■■■■■■■■■□At least Dan Goodin got bits instead of bytes right this time. ROTFLMAO!
- b/eads -
Verities Member Posts: 1,162@beads: I shudder inside when I see someone using Cox Smart Home app or bragging about how cool it is that they can change the thermostat or unlock/lock their doors remotely.
@markulos: I can't even fathom a 1Tbps stream. Pretty impressive that they've handled everything thrown at them so far. I started looking at how they handled DDoS's and its very interesting:
https://www.ovh.com/us/anti-ddos/ddos-attack-management.xml -
networker050184 Mod Posts: 11,962 ModThats pretty standard DDoS mitigation model. The only problem is when you're edge routers link to the internet is saturated there is nothing you can do about that (like their "surplus bandwidth" is a 10G connection in some spots) besides null routing yourself upstream and trying DNS tricks. Smart attackers usually catch onto this quick and don't attack by IP only. Cloud based DDoS mitigation that use tunnels is an option that can help with this part of the scenario.An expert is a man who has made all the mistakes which can be made.
-
markulous Member Posts: 2,394 ■■■■■■■■□□Sad thing is this is only going to get worse without any legal ramifications or government standards. The average consumer doesn't give a crap if it's vulnerable if they aren't directly affected. They aren't going to look at security flaws beforehand and won't keep up with patching after the fact either.
-
Chinook Member Posts: 206Currently both my house & my car follow the model of the Battlestar Galactica. "As long as I'm in command there will be no networked computers on this ship" - Commander Adama. Sadly, my vehcile won't last forever and the replacement will have networked technology. My house shall remain analog for as long as I can. #SayNoToAmazonEcho