Armies of hacked IoT devices launch unprecedented DDoS attacks

DDoS attacks got a power boost thanks to hundreds of thousands of insecure IoT devices

Security researchers have been warning for years that poor security for internet of things devices could have serious consequences. We're now seeing those warnings come true, with botnets made up of compromised IoT devices capable of launching distributed denial-of-service attacks of unprecedented scale.

Octave Klaba, the founder and CTO of French hosting firm OVH, sounded the alarm on Twitter last week when his company was hit with two concurrent DDoS attacks whose combined bandwidth reached almost 1 terabit per second. One of the two attacks peaked at 799Gbps alone, making it the largest ever reported.

According to Klaba, the attack targeted Minecraft servers hosted on OVH's network, and the source of the junk traffic was a botnet made up of 145,607 hacked digital video recorders and IP cameras.

With the ability to generate traffic of 1Mbps to 30Mbps from every single Internet Protocol (IP) address, this botnet is able to launch DDoS attacks that exceed 1.5Tbps, Klaba warned.

The OVH incident came after krebsonsecurity.com, cybersecurity journalist Brian Krebs' website, was the target of a record DDoS attack that flooded the site at a rate of 620Gbps. The attack eventually forced content delivery and DDoS mitigation provider Akamai to suspend its pro bono service to Krebs, pushing the site offline for several days.

According to Krebs, the attack was nearly twice the size of largest attack Akamai had seen before, and would have cost the company millions of dollars if it had been allowed to continue.

"There is every indication that this attack was launched with the help of a botnet that has enslaved a large number of hacked so-called 'Internet of Things,' (IoT) devices -- mainly routers, IP cameras and digital video recorders (DVRs) that are exposed to the Internet and protected with weak or hard-coded passwords," Krebs said in a blog post after his website came back online under the protection of Google Project Shield.

On Thursday, antivirus and security vendor Symantec published a report warning that insecure IoT devices are increasingly hijacked and used to launch DDoS attacks. The company has seen the number of cross-platform DDoS malware programs that can infect Linux-based systems soar in 2015 and continue this year. These threats are designed to run on Linux-based firmware for CPU architectures commonly used in embedded and IoT devices.

Symantec's data shows that most of these systems are not compromised through sophisticated or device-specific vulnerabilities, but due to a lack of basic security controls. Attackers typically scan the internet for devices with open Telnet or SSH ports and try to log-in with default administrative credentials. That's unfortunately all it takes today to build a large IoT botnet.

And while IoT-powered DDoS attacks have now reached unprecedented size, there have been warning signs for several years that they were coming. In October 2015, security firm Incapsula mitigated a DDoS attack launched from around 900 closed-circuit television (CCTV) cameras and in June DDoS protection provider Arbor Networks warned that there are over 100 botnets built using Linux malware for embedded devices.

Join the PC World newsletter!

Error: Please check your email address.

Tags ddos

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Lucian Constantin

IDG News Service
Show Comments

Essentials

Microsoft L5V-00027 Sculpt Ergonomic Keyboard Desktop

Learn more >

Lexar® JumpDrive® S57 USB 3.0 flash drive

Learn more >

Mobile

Lexar® JumpDrive® S45 USB 3.0 flash drive 

Learn more >

Exec

HD Pan/Tilt Wi-Fi Camera with Night Vision NC450

Learn more >

Lexar® JumpDrive® C20c USB Type-C flash drive 

Learn more >

Audio-Technica ATH-ANC70 Noise Cancelling Headphones

Learn more >

Lexar® Professional 1800x microSDHC™/microSDXC™ UHS-II cards 

Learn more >

Budget

Back To Business Guide

Click for more ›

Most Popular Reviews

Latest News Articles

Resources

PCW Evaluation Team

Michael Hargreaves

Windows 10 for Business / Dell XPS

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?