Massive hack exposes dark side of the Internet of Things

If you’re located in the Northeastern U.S., you may have noticed many of your favorite websites or web services were unreachable late last week. From Netflix to Spotify, Github to the New York Times, Reddit and Twitter, many of the Internet’s most popular sites were seemingly offline for large swathes of Friday. All the sites came back online within a few hours, but the incident highlighted two troubling developments you should take note of.

  1. It doesn’t take an out-and-out hack to disable or negatively impact mission-critical systems
  2. The Internet of Things isn’t all sunshine and roses

1) It doesn’t take an out-and-out hack to disable or negatively impact mission-critical systems

For anyone that doesn’t know the background of this particular attack, no systems were actually breached by hackers (at least, there’s no evidence to suggest that as of yet). Passwords weren’t stolen, data wasn’t compromised. Instead, the hackers used a sophisticated distributed denial-of-service attack (DDoS). For some background, see the New York Times write-up from last week. An excerpt:

A distributed denial-of-service attack, or DDoS, occurs when hackers flood the servers that run a target’s site with internet traffic until it stumbles or collapses under the load. Such attacks are common, but there is evidence that they are becoming more powerful, more sophisticated and increasingly aimed at core internet infrastructure providers.

Another excerpt to give you one more piece of context — the attacks focused on a particular company integral to the infrastructure of the web, Dyn:

Dyn is one of many outfits that host the Domain Name System, or DNS, which functions as a switchboard for the internet. The DNS translates user-friendly web addresses like fbi.gov into numerical addresses that allow computers to speak to one another. Without the DNS servers operated by internet service providers, the internet could not operate.

Why is this important beyond giving you news? Because it shows that hacking a specific company for passwords or data is not the only way hackers or nefarious actors can do serious damage to the web as we know it. And, coordinated attacks on the internet’s infrastructure have far wider ranging effects than attacks on a single company or website.

All of this is to say there are many ways your company and data can be put at risk. And, if you’re not giving it your full attention, attacks like these could devastate your company.

2) The Internet of Things isn’t all sunshine and roses

The Internet of Things (IoT) has long been hailed as a boon to modern life. Smart refrigerators that can sense what food you have available and pull recipes for you; connected homes that can turn lights off as you move from room to room; smart thermostats that regulate temperature and save power… the list of possible technologies and features is endless. But, as all of those devices come online, it leaves every system that interacts with them more vulnerable.

As the DDoS attack showed, these devices, many of which don’t have the highest grade security baked in, can become infected with malware. This can lead to a number of unintended consequences, but as was seen last week, the millions of devices, all connected to the web, can act as miniature computers making constant requests from an infrastructure provider like Dyn.

By weaponizing huge swathes of the IoT, the hackers tapped into an unused source of overflow web traffic for carrying out a DDoS attack. But, if so many devices were infected, it begs the question: “what else could hackers do with IoT devices?”

Companies and consumers alike need to vet the technology they let into their offices and homes, and IoT devices are no different. How good are their security precautions, really? What’s the level of encryption?

You get the idea.

Security is more important now than ever before. And, as connected devices proliferate, they can be used nefariously without your knowledge or involvement. So, it’s incumbent on you to know how secure the systems you choose to let into your lives actually are, and make your purchasing and installation decisions accordingly.

 



Comments

One response to “Massive hack exposes dark side of the Internet of Things”

  1. Stanley Lee says:

    A massive and sustained Internet attack that has caused outages and network congestion today for a large number of Web sites was launched with the help of hacked “Internet of Things’s (IoT) devices, such as CCTV video cameras and digital video recorders, new data suggests. Visit today to know more.

Leave a Reply

Your email address will not be published. Required fields are marked *

eighteen + sixteen =

Jeff Francis

Jeff Francis is a veteran entrepreneur and founder of Dallas-based digital product studio ENO8. Jeff founded ENO8 to empower companies of all sizes to design, develop and deliver innovative, impactful digital products. With more than 18 years working with early-stage startups, Jeff has a passion for creating and growing new businesses from the ground up, and has honed a unique ability to assist companies with aligning their technology product initiatives with real business outcomes.

Get In The Know

Sign up for power-packed emails to get critical insights into why software fails and how you can succeed!

EXPERTISE, ENTHUSIASM & ENO8: AT YOUR SERVICE

Whether you have your ducks in a row or just an idea, we’ll help you create software your customers will Love.

LET'S TALK

When Will Your Software Need to Be Rebuilt?

When the software starts hobbling and engineers are spending more time fixing bugs than making improvements, you may find yourself asking, “Is it time to rebuild our software?” Take this quiz to find out if and when to rebuild.

 

is it time to rebuild our software?