In what seems at first read an amusing tale, cyber hackers have managed to turn millions of internet connected home devices, such as toasters, fridges, printers, heating systems, TVs into weapons in a co-ordinated distributed denial of service attack.
It sounds funny, but this is really no joke. These IoT devices now probably number in the billions across the globe and many of them are vulnerable to attack because of easily hacked factory reset passwords. This means that it is virtually impossible to stop them being co-opted into future such attacks.
The attack that took place last week was targeted at internet “phone book” provider Dyn and affected such mainstream websites as Twitter, Spotify and Reddit. All were taken offline for a time when their sites were overwhelmed by the scale of the attack. The attackers used botnets infected with the “Mirai” malware which has been made widely available to hackers by its creators.
IoT devices are not limited to the home. Many businesses also use them for CCTV cameras, printers, TVs and much more. This means that they are also open to the same line of attack. The UK government has recognised the scale of the threat and has dedicated £2bn to the fight against cyber crime, promising more specialist investigators, innovation funding for security start-ups and a new Cyber Research Institute.
The government clearly does not see the funny side of this and neither should those responsible for securing their business against attack. Does that internet connected fridge pose a threat to your corporate security perimeter? Yes it does.
Head of Cyber Security