Page 67 - Cyber Warnings
P. 67
This works to appear to be a new node that had not been blacklisted yet.
Remediation
This has been a rather significant issue and alarming trend. This attack alone has garnered a
mass amount of attention and press, cost the targets large amounts of money, and at times lost
their DDoS defense vendor.
As this issue brings much attention to the weak link, the equipment manufacturers have started
to focus on reviewing the issue. As an example, ZyXEL began to investigate this issue.
The vulnerability allegedly was arising from one of the chipset providers (Econet) with chipsets
RT63365 and MT7505. As of December 2016, ZyXEL was working on a patch.
Another option is to place the equipment behind a firewall or NAT with no ports exposed. This is
important as with this being exposed, it is vulnerable. A rather short-term yet effective
remediation for this issue is to reboot the equipment.
This clears the memory, removing the issue. This, although effective is problematic as this may
be reinfected with little effort. As an additional step, the default password should be changed.
Vendors & IoT
There has been a continuing issue where the vendors and IoT security meet. These devices
have overlooked security for years, via using insecure protocols, not securing the device’s
communication, and most of other factors.
The persons devising attacks clearly have taken notice of this and are exploiting the IoT devices
left and right.
Summary
There are only a few mass attacks that have been on this level and with such immediate
devastation. A business could be attacked for no reason and suffer the detrimental effects
About The Author
Charles Parker, II began coding in the 1980’s. Presently CP is an
Information Security Architect at a Tier One supplier to the automobile
industry. CP is presently completing the PhD (Information Assurance and
Security) with completing the dissertation. CP’s interests include
cryptography, SCADA, and securing communication channels.
He has presented at regional InfoSec conferences. Charles Parker, II can be
reached online at [email protected] and InfoSecPirate (Twitter).
67 Cyber Warnings E-Magazine – March 2017 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
