Roughly a week ago we had to deal with an internet shutdown in the Northeastern U.S. and as consequence now internet security experts are looking for ways to prevent this type of DDoS attacks from ever happening again.
Latest DDoD Attack's Lessons
According to Venture Beat, just last week the Internet of Things has turned against us. IoT connected devices such as DVRs, printers, baby monitors and others were used as the launching platform for a DDoS attack against Dyn's DNS infrastructure. The attack impacted major internet services such as Twitter, Paypal, Netflix and others.
All these top internet companies have invested heavily in cyber security defenses. For them, it may be surprising how could have been possible to be taken down by a bunch of $100 devices. The latest major cyber attack should be a wake-up call for the industry. Security experts have been discussed IoT threads for several years, but now the topic might finally become a mainstream conversation.
On the market today there are many IoT connected devices designed to have long battery life and to be low cost. Unfortunately, until now security was not a high priority IoT gadgets' product design. Most often these devices do not even have enough processor cycles and memory available to run security software and as consequence they do not constantly look for threats.
Nowadays, a hacker can easily exploit any wireless device and they are only a few steps away from getting onto the Internet or the corporate network where can do real damage. IoT has created an easily exploitable resource that creates plenty of opportunities for terrorism and cybercrime. This conjuncture creates a strong call to action for security startups. Emerging startups in the field of IoT security have the opportunity to come with innovative security solutions for the cloud and network.
The security protection can't realistically be built within the IoT connected device in most cases. For this reason, the industry will need to develop new layers of security. Advanced tech needs to be built for proxying and analyzing the traffic before these Internet of Things connected devices can communicate to more critical systems.
Future Advanced Tech For IoT Security
This, in fact, is not a really new concept. Companies already leverage various layers of security today, including encryption, endpoint software, firewalls, real-time analytics and various more categories of protection.
The primary focus of the last several years was the endpoint security. Now, it's time to rethink the endpoint security focus and increase the middle point security consisting of layers between the data, assets and services that need protection and the exploitable surface area of the Internet of Things. Innovation and creation of advanced technology in this "middle point security" offer new market opportunities in other product categories. The IoT threat is driving the creation of new security technology for the detection and profiling of all connected devices able to connect to the network, regardless of their primary communication protocol.
According to The Daily Caller, there are already available today several security network services such as Akamai and Cloudfare. However, the problem is that they can be still too expensive. Individuals and companies have to evaluate whether the benefits of employing such a service are outweighing the costs.
While today's security protection is typically focused on wired and Wifi-connected devices, the next generation threats may come from communicating over Z-Wave, ZigBee, or Bluetooth. First step to defending this new communication platform may start by identifying potential malicious devices.
Another area of interest for the new advanced tech for IoT security is monitoring and analysis of traffic generated by IoT gadgets. For a strong defense it might be critical to understand the malicious traffic before it can be inserted into the flow of legitimate traffic flowing over the internet or network.