The key to defending your data centre against the Internet of Things


Opinion The Internet of Things has the potential to revolutionise society once it surmounts its initial growing pains. Unfortunately, one of those involves security.

DDOS attacks are one of the oldest and most enduring things on the web, like that creepy uncle who no one can get rid of at family reunions. And like that uncle, they’re getting progressively worse as time goes on. This past summer saw the largest DDOS attack in history, one so large that it forced content delivery network Akamai to cancel the account of one of the web’s leading security bloggers, Krebs on Security.

“It wasn’t that Akamai couldn’t mitigate the attack – it did so for three days,” writes Tim Greene of Network World. “Doing so became too costly, so the company made a business decision to cut the affected customer loose…[the attack delivered] 665 gbps of traffic.”

That’s absolutely massive- and it was all made possible through the Internet of Things. See, the advent of the connected world has had a very unpleasant side effect. As we embed sensors into more and more of our devices, it’s rapidly becoming clear that most IoT manufacturers have absolutely no idea what they’re doing as far as security is concerned.

And really, why should they? Traditionally, none of these companies needed much aside from a bog-standard IT department. That’s changed, though – and a lot of folks are struggling to keep up.

I’m sure you can see where this is going. Over the next several years, botnets are going to increase exponentially in size. And they’re going to get easier to use – even now, we’re seeing massive DDOS attacks architected by amateurs.

So where does that leave us?

High and dry, unfortunately. While some headway has been made into IoT governance, we’re still a long way from what you could call security standards. And until such time as manufacturers are held accountable for shoddy security in their embedded systems – until such time as we start seeking to actively protect ‘smart’ devices – all we can do is weather the storm.

To that end, the standard DDOS mitigation advice applies:

  • Use early detection techniques, such as a script that forwards periodic messages with your traffic count.
  • Familiarise yourself with the most common DDOS attack techniques, and learn to recognise the unique fingerprint of each.
  • Invest in a tool with automatic DDOS squelching – you aren’t always going to be able to react quickly enough to block rogue IP addresses or bogus requests, and when your site is being attacked, every second counts. As an added bonus, many of these tools also include automated DDOS detection.
  • Make sure you have a proper crisis response policy in place, and that your Computer Security Incident Response Team is fully briefed on the proper procedure in the event of a DDOS.

That aside, there isn’t a great deal else you can do, save for hoping that whatever mitigation tools you’re using, they’re powerful enough to overcome whatever massive botnet aims itself your way.