How dangerous is the threat of DDoS attacks against the Internet of Things?

Management / 2018-06-27

According to a recent Gartner study, there are expected to be about 2 billion connected devices by the end of 2020. While this connected, autonomous technology will significantly improve efficiency and productivity, enterprises and individuals should not underestimate the risks that the Internet of Things (IoT) brings. One of the main problems with IoT devices in business is that, after the initial installation, the devices are often forgotten and left to run on their own.
This opens the door to major IoT security threats, such as distributed denial-of-service (DDoS) attacks carried out by botnets, the tactic used in the 2016 attack on the Dyn Domain Name System (DNS), and kill chain attacks.
The concept of the attack kill chain has been around for several years.
Originally a military term, it was taken up in 2011 by Lockheed Martin's computer scientists in network security to describe a framework for defending computer networks.
It has since taken on new relevance in the current security environment of IoT devices and botnet attacks.
The kill chain lays out the stages of a network attack, from early reconnaissance to the completion of the attack, where the ultimate goal is data theft and enabling further attacks. These stages are:
Reconnaissance: the intruder chooses a target device and begins searching it for vulnerabilities.
Weaponization: the intruder uses a remote-access malware weapon, such as a virus or worm, that addresses the vulnerability.
Delivery: the intruder sends the weapon to the target network device via email attachments, websites, USB drives, etc.
Exploitation: the malware weapon's code is triggered and takes action on the target network, exploiting the vulnerability.
Installation: the malware weapon installs an access point for the intruder to use.
Command and control: the malware then gives the intruder "hands on the keyboard" persistent access to the target network, enabling future attacks.
IoT devices, including wearables, conference-room televisions and security cameras, are easy targets for kill chain intruders, and the IoT device owner is not always at fault. For manufacturers of networked devices, security is usually an afterthought: many companies adopt poor security measures, such as inadequate encryption of information and passwords coded directly into the device. In fact, last year 80 Sony IP security camera models were found to have back doors, which can give hackers easy access to very private security cameras.
The best way to prevent and respond to a kill chain attack, and to keep a kill chain from penetrating the business, is to invest in a layered approach to IoT security.
This approach has four steps.
The first step is to assess: start with a network discovery process covering all existing IoT devices connected to the network, including managed and partially managed devices. It is important to understand the classification of each device, which operating system it runs and which applications are installed on it. After assessment, the next step is segmentation. IoT devices should not sit in the same network segment as other devices, and they should not be within reach of the organization's mission-critical systems and data.
Best practices for ensuring security include deploying a firewall between the IoT and non-IoT segments, to minimize the risk to the network's "crown jewels". After segmentation, the next step is to detect: analyze network behavior regularly so that, when a new IoT device is added, you can determine whether its behavior matches the pattern of other similar devices. A compromised or fake device may look identical to other IoT devices but behave differently. The final step is to respond.
Since alerts handled manually may take hours or even days to process, companies should have a backup plan in place to immediately restrict access for any device with irregular behavior patterns.
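One way to implement the detect and respond steps, as an added example that is not part of the original article: each device is compared with the other devices of its class, and a device that uses services or sends volumes its peers do not is marked for quarantine. The flow records, device names, the `assess` function and the thresholds are constructed assumptions.

```python
from collections import Counter, defaultdict
from statistics import median

# Constructed sample flow summaries: (device, class, dst_port, dst_internal, bytes_out)
FLOWS = [
    ("cam-01", "ip-camera", 443, False, 52_000),
    ("cam-01", "ip-camera", 123, False, 400),
    ("cam-02", "ip-camera", 443, False, 48_000),
    ("cam-02", "ip-camera", 123, False, 380),
    ("cam-03", "ip-camera", 443, False, 50_500),
    ("cam-03", "ip-camera", 123, False, 410),
    # cam-04 is inventoried as a camera but does not behave like its peers
    ("cam-04", "ip-camera", 443, False, 49_000),
    ("cam-04", "ip-camera", 23, True, 9_000),
    ("cam-04", "ip-camera", 53, False, 4_800_000),
]

def profile(flows):
    """Summarize each device: set of (port, internal) services and total bytes sent."""
    services, volume, classes = defaultdict(set), defaultdict(int), {}
    for dev, cls, port, internal, nbytes in flows:
        services[dev].add((port, internal))
        volume[dev] += nbytes
        classes[dev] = cls
    return services, volume, classes

def assess(device, flows, volume_factor=10):
    """Compare one device with the peers of its class; return (action, reasons)."""
    services, volume, classes = profile(flows)
    peers = [d for d in classes if d != device and classes[d] == classes[device]]
    if len(peers) < 2:
        return "review", ["too few peers to form a baseline"]
    # A service is normal only if most peers use it, so that one
    # misbehaving peer cannot widen the baseline for the whole class.
    counts = Counter(s for p in peers for s in services[p])
    normal = {s for s, n in counts.items() if n > len(peers) / 2}
    peer_volume = median(volume[p] for p in peers)
    reasons = []
    for port, internal in sorted(services[device] - normal):
        scope = "internal" if internal else "external"
        reasons.append(f"service not used by peers: port {port} ({scope})")
    if volume[device] > volume_factor * peer_volume:
        reasons.append(f"bytes out {volume[device]} vs peer median {peer_volume}")
    return ("quarantine" if reasons else "allow"), reasons

if __name__ == "__main__":
    for dev in ("cam-01", "cam-04"):
        print(dev, *assess(dev, FLOWS))
```

The "quarantine" result is the hook for the automated response: it would drive whatever control restricts the device, such as a firewall rule on the IoT segment, without waiting for a manual review.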
This layered approach aims both to prevent the possibility of a kill chain attack and to perform damage control during a live attack. Using this inventory, people will be able to understand the behavior of devices on the network and be alerted to non-standard behavior.
If an attack does occur despite all these steps, people will be able to respond effectively according to the backup plan designed beforehand. Take, for example, a smart refrigerator installed in your company's office.
In addition to chilling your favorite refreshments and reporting on power usage, the smart refrigerator connects to the wireless network for data, so it can also reach other devices in its vicinity, such as laptops, desktop computers and mobile phones. Because access to the refrigerator is not password protected, hackers can easily gain access and carry out a lateral attack, not only on smart devices but on all the devices under the company's roof. In a connected environment, only a smart, layered technology approach that can see, control, respond to and manage risk will effectively protect enterprise networks and IoT devices from a massive kill chain attack.