Distributed Denial of Service (DDoS) attacks that use Internet of Things devices are a significant threat to the Fourth Industrial Revolution, and the potential it brings to revolutionise productivity and people’s lives in general. This was proven during the late 2016 DDoS attack largely ascribed to the Mirai botnet, which, unlike other botnets that are typically made of up computers, was composed largely of weaponised Internet of Things (IoT) devices such as DVR players, home routers, air quality monitors and personal surveillance cameras.
This is according to Bryan Hamman, territory manager for sub-Saharan Africa at NETSCOUT Arbor, which specialises in advanced DDoS protection solutions. “The internet is an integral part of life and infrastructure in most countries around the world today,” Hamman says. “A successful DDoS attack aims to disrupt or cause the denial of an online service by overwhelming it with traffic from multiple sources. The DDoS attacks of 21 October 2016, for example, showed just how vulnerable sections of the internet and its global operability are to attack by those of ill intent.
(TOP: A robot named Pepper holding an iPad. Photo: Alex Knight).
“These attacks, which are largely ascribed to the Mirai botnet and have entered recent history due to the involvement of IoT devices, involved multiple DDoS attacks targeting domain name system (DNS) provider Dyn, whose business ensures that information requests via the internet are delivered to the correct address. The knock-on effect was that major internet platforms and services linked to Dyn – including Twitter, GitHub, Reddit, Pinterest, Etsy, Tumblr, Spotify, PayPal and the PlayStation network – were unavailable to millions of users in Europe and North America for some hours. Consumers were unable to carry out activities like online shopping, social media interaction or listen to music during this enforced downtime – examples which showcase exactly what the Fourth Industrial Revolution is all about, namely the interaction of the physical and digital worlds.”
The Fourth Industrial Revolution is generally understood to be the coming together of physical and digital technologies. It builds on the previous industrial revolutions which each, in their own way and their own times, were seen to increase production of processed items during their eras. In the process, each industrial revolution changed the ways that humans operated in particular spheres, arguably bringing in opportunities for improvements in efficiencies in general, and in some cases even poverty alleviation through the creation of jobs and new systems. The First Industrial Revolution began in the 18th century with the invention of the steam engine; the Second used electricity to create mass production; the Third used electronics and information technology to automate production; and the Fourth is leapfrogging on top of the relatively recent Third to close the gap between our use of the physical and digital world.
Hamman explains, “People are aware that the Fourth Industrial Revolution is bringing change at a rate never seen before. The pace and scale of disruption brought about by connected technology is incredible; almost every industry you can think of is being transformed at an unprecedented speed. While it is true at a societal level that this global-scale of change will likely render some jobs obsolete, it will also create other new jobs during the disruption.
“As with most things, the powers inherent in the Fourth Industrial Revolution can be used for the greater good, or alternatively abused – this is human nature. But on the positive side, the possibilities being brought by the closing of the gap between the physical and digital worlds include changes in commerce, education and healthcare – for example, advances in biomedical sciences can lead to healthier lives and longer life spans. I prefer to focus on the ways in which the Fourth Industrial Revolution can be used for positive change.”
NETSCOUT Arbor notes in its 13th Annual Worldwide Infrastructure Security Report (WISR), released earlier this year, that the use of compromised IoT devices to launch DDoS attacks has helped cybercriminals increase the complexity of their assaults. The WISR is based on 390 responses from network operators globally, with more than half of the respondents headquartered and operational in North America. The 13th WISR showed that 33 percent of surveyed organisations had suffered a DDoS attack during 2017 (up from the previous year’s 17 percent). The report notes in its conclusion: “…attackers continue to build and weaponize massive IoT botnets of unprecedented size and capability…. This year, we’ve seen increasing sophistication of IoT-based botnet attack capabilities. These modern botnets are capable of delivering attacks that include application-layer, volumetric and complex multi-vector DDoS attacks.”
In a white paper, ‘IoT DDoS attacks show the stakes have changed’, NETSCOUT Arbor recommends a multi-layered approach to DDoS attack detection and mitigation, to counter-act the multi-vector layering inherent in botnets that are similar to the Mirai botnet, which began operating on 1 August 2016. Additionally, the paper notes the need for IoT makers to insert some basic security requirements into devices; for IoT operators in enterprises to improve and maintain visibility; for IoT users to take more responsibility for their devices; and for security operators to make sure that security and employee policies reflect and cater for the reality of the widespread use of IoT devices in today’s workplace.
“I view DDoS attacks, such as the 21 October 2016 attacks and the largest DDoS attack ever seen – namely the 1.7 Tbps attack on an American-based service provider during the first week of March 2018, which was foiled by NETSCOUT Arbor – as a threat to the positive possibilities that the Fourth Industrial Revolution could bring about. I therefore urge companies to remain aware of the damage that can be wrought by an undefended DDoS attack, and to get their defences in order,” Hamman concludes.
NETSCOUT Arbor, the security division of NETSCOUT, helps secure the world’s largest enterprise and service provider networks from DDoS attacks and advanced threats. NETSCOUT Arbor is a major provider of DDoS protection in the enterprise, carrier and mobile market segments, according to Infonetics Research. NETSCOUT Arbor’s advanced threat solutions deliver complete network visibility through a combination of packet capture and NetFlow technology, enabling the rapid detection and mitigation of malware and malicious insiders. NETSCOUT Arbor also delivers analytics for dynamic incident response, historical analysis, visualization and forensics.