Skip to main content
  1. Home
  2. Computing
  3. News

Internet of Things was the source of largest botnet attack in history

Jon Martindale
By

botnet cameras iot attack ismartalarm spot security camera 2
Image used with permission by copyright holder
Security news site and blog KrebsonSecurity, was hit by the world’s largest denial of service (DDOS) attack last week, with more than 620 gigabits per second hammering its servers into submission. While astounding in its own right, what’s of more concern is the source: not infected PCs, but internet of things (IOT) devices like cameras and routers.

But the attackers didn’t stop there. Whoever was behind the DDOS was only just getting started. Since then we’ve seen assaults that peaked at over a terabit of data per second, with concerns that the botnet has the potential to deliver a further 50 percent more data if the timing is right.

Recommended Videos

Although as Ars reports, these numbers have yet to be officially confirmed, the sources are rather reliable. It would be easy to dismiss them based on their extravagance, since to date, the largest recorded botnet attack threw 363 gigabits per second of data. However, considering we’ve now seen attacks in excess of three times that much, we would expect to see many more large-scale attacks in the near future.

Related: Two Israeli teenagers arrested over vDOS DDoS-for-hire service

The reason this was possible at all is because of the Internet of Things. IOT devices have long been considered a security hole in the technological landscape, as they so often operate under the radar, and so receive less scrutiny from users and security professionals. However, they often have the ability to upload a lot of data at once, so it’s not always obvious when they’re used as part of an attack like this one.

We’ve seen hints of IOT devices like home routers being used in DDOS attacks before. The famous downing of the Xbox Live and PlayStation networks in 2015 was in part caused by botnet-connected home network hubs.

Even if you do notice that your IOT device is behaving oddly, reclaiming control of your hardware may not always be easy. By their very nature IOT devices tend to operate behind the scenes, so they often have minimal interfaces or ability to change important settings.

One preemptive security step people can take is to never put their hardware online at all. That may often defeat the point of a bit of smart tech and would of course be redundant for routers or similar devices, but there are a number of devices that don’t really need to be connected online all the time.

At the very least users should change their default passwords. Make them long, make them unique, and change them periodically to play it safe.

Editors' Recommendations

Topics
Jon Martindale
Jon Martindale
Computing Coordinator
Jon Martindale is the Evergreen Coordinator for Computing, overseeing a team of writers addressing all the latest how to…
How to easily connect any laptop to a TV
An image-editor app being used to edit photos on a laptop.

If you’re using a laptop on a daily basis, you’ll know how tiring it can get to stare at a 13-inch screen for hours on end. This is why it’s great that most modern PCs can be connected to a TV. Not only does this give you a bigger display to work with, but you’ll still be able to use your laptop as you normally would. So no saying goodbye to those handy trackpad gestures!

Read more
The Asus ROG Ally just got a game-changing update
Asus ROG Ally handhelds side by side.

Asus' ROG Ally is one of the best handheld gaming PCs you can buy, and now it's getting even better. Asus is updating the handheld with AMD's Fluid Motion Frames (AFMF). This is a driver-level feature that adds frame generation to the majority of DirectX 11 and 12 games, which should vastly improve performance.

We've seen AFMF in action on AMD graphics cards previously. The feature launched late last year for desktop and mobile AMD graphics cards, but the ROG Ally oddly didn't support the feature. Asus' handheld uses the Ryzen Z1 chipset, which includes both an AMD processor and graphics card, but it uses its own specialized driver. Because of that, it didn't receive AFMF support right away.

Read more
How to delete a Discord server on desktop and mobile
Memrise bot in the Discord app directory.

Have you had enough of Discord for a while? We get it. It can be a little exhausting to say the least, especially if you’re running a jam-packed server, filled with multimedia and messages. Fortunately, if you’re in the mood to take a break, it’s not too hard to delete your Discord server.

Read more