Page 107 - Cyber Defense eMagazine June 2020 Edition
P. 107
Not only do IoT devices share some of these vulnerabilities, but they also have a much weaker security
posture overall. They are often far less secure out of the box because that makes deployment easier.
Many use default or weak passwords and rely on older protocols without built-in firewalls, direct user
interfaces, or automated patching. Finally, manufacturers usually sell these items at low margins, so they
have little incentive to enhance security or fix issues.
Since the Mirai malware went live in 2016, hackers have developed many different IoT-based DDoS
attack strains. These botnets discover newly connected devices within 60 seconds of them going online
and weaponize everything from smartphones to smart homes. Even worse, hackers can now target entire
IP address ranges by combining multiple vectors or overwhelming systems through short, sustained
DDoS attacks.
These budding Mr. Robots and Lisbeth Salanders also have a much larger pool of victims to choose
from, along with seemingly unlimited resources. That allows them to change tactics on the fly while
accessing more attack surfaces through cloud services and mobile networks.
Hackers who use these sophisticated methods make it harder to contain damage. Cybercriminals deploy
attacks as a smokescreen while they invade systems and access massive amounts of sensitive data.
They then distribute it widely, which can lead to severe financial losses.
Enterprise IT teams must employ advanced defense strategies to analyze and fight back against these
threats. Telecommunications carriers and processing centers specifically are subject to more hacks,
which can target both the providers themselves and their customers. Because of this, all parties need to
plan for the worst by using smart data to optimize security.
Organizations Can Update, Innovate, and Evolve
Even the most well-prepared companies should maintain constant vigilance against formidable online
threats. The digital world has changed rapidly in recent years, so organizations need to protect all their
distributed environments, on-premises and in the cloud, by employing DDoS prevention solutions.
IT teams will increase their chances of successfully countering opponents if they connect and collaborate
while simplifying workflows and staying resilient. These professionals should routinely secure vulnerable
hardware and software to ensure only legitimate users can access those services. They also need to
monitor all traffic and respond immediately if suspicious vectors appear.
Enterprises should further conduct regular attack mitigation drills and employ automated detection tools
during normal operations. That way, staff can evolve internal processes to defend networks and respond
swiftly to cyberthreats using the proper protocols.
Business leaders also need to ensure they don’t put a lid on staff innovation after hacks occur. When
companies suffer lengthy outages following cyberattacks, some C-suite leaders think twice about
adopting any new technologies.
That’s a dangerous proposition, since businesses end up trailing the competition. Organizations need to
encourage the use of modern tools that protect industries while decreasing risk.
Cyber Defense eMagazine –June 2020 Edition 107
Copyright © 2020, Cyber Defense Magazine. All rights reserved worldwide.
