The Internet of Things (IoT) is deeply infected with what could, and what certainly will, cause the next largest distributed denial of service (DDoS) attack in history.
As it stands right now, the statement above should hold true for quite a while.
A DDoS attack is when a large number of internet-capable devices (often hacked without the owners' consent) are remotely instructed to continuously send messages to a particular website all at the same time. This flood of traffic overloads the target website or web service until it eventually becomes unreachable.
When you hear of a website going down because of hackers, you can be nearly certain that it was done by using a DDoS attack.
As is discussed below, there are multiple signs that larger DDoS attacks are soon to come as the IoT is becoming increasingly infected with malware.
It’s difficult to pinpoint the largest DDoS attack in history because, as soon as you find the most recent record-breaker, the record has already been broken again.
Below is a list (updated 4/11/2017) with some of the largest ever recorded.
Largest DDoS Attacks in History:
The 2016 Dyn Cyber Attack
A coordinated DDoS attack was carried out on October 21, 2016 using tens of millions of IP addresses. The attack interrupted service for systems hosted by the DNS provider Dyn. Outages for internet-based services were reported across Europe and North America. According to a report by Dyn, the DDoS attack may have reached 1.2 Tbps at its peak, but they cannot verify that claim.
150k+ Hacked Smart Devices Responsible for DDoS Attack in September, 2016
Over the course of multiple days, French internet service provider (ISP) OVH fell victim to a DDoS attack that reportedly peaked at nearly 1 Tbps. The attack, according to an article on The Register, was carried out by over 150,000 wifi-enabled smart devices such as security and video cameras. To add insult to injury, many of the devices used are no longer receiving software or firmware updates, so they can, and will, be continually exploited.
New World Hacking Attacks BBC and Donald Trump on 12/31/2016
In December / January of 2016 the hacking group, New World Hacking, took down the BBC website and Donald Trump’s political website with a DDoS attack that peaked at 602 Gbps. The hacking group claimed this was just a test of their power and that their primary target was ISIS.
Why DDoS Attacks Will Continue
The scary part is that it doesn’t appear that these attacks are going to stop anytime soon. There are enough infected devices connected to the internet to perform a DDoS attack of unimaginable size.
Website security firm Wordfence has recently reported on a large-scale security vulnerability found in modems managed by ISPs. The vulnerability affects TR-069, a protocol that ISPs use to communicate with and send updates to provisioned routers.
In the report, author Mark Maunder writes that:
“At this point it would not be a stretch to say that vulnerabilities in TR-069 may have created a very large botnet which could soon generate the largest DDoS attack the Internet has ever seen.”
The TR-069 exploit is not the only way in which the IoT is infected, however.
In fact, your smartphone could be infected, according to a recent article on The Hacker News website. Any mobile device using a Broadcom WiFi SoC (System-on-Chip), including some devices running iOS and Android, was vulnerable to being hacked over wifi networks. In other words, that free wifi at the airport might not be so great anymore. A patch for this vulnerability has since been released for most devices, so make sure that you’re updating your devices when possible.
The examples above are just a few of the large vulnerabilities that have already been exploited and are now known about. Not included are the countless other vulnerabilities yet to be discovered, exploited or reported on.
The fact that there are many vulnerable devices no longer receiving updates, hacked modems, and new vulnerabilities that can target mobile devices over wifi connections provides a clear warning sign that increasingly large DDoS attacks will continue to occur.