SoylentNews is people

posted by martyb on Thursday September 29 2016, @08:19AM
from the all-together-now dept.

I found the following story which explains the nature of the DDoS threat facing us all. In the past, the main culprits of DDoS attacks were compromised computers, which partially resulted in the multi-million dollar business of antivirus programs and similar software. Nowadays, the source is more likely to be a compromised CCTV camera, DVR, or some other device on the IoT.

Last week, the hosting provider OVH faced a 1Tbps DDoS attack, likely the largest one ever seen.

The OVH founder and CTO Octave Klaba reported the 1Tbps DDoS attack on Twitter, sharing an image that lists the multiple sources of the attack.

Klaba explained that his company's servers were hit simultaneously by multiple attacks exceeding 100 Gbps, adding up to a 1 Tbps DDoS attack. One of the attacks documented by OVH reached 93 MMps and 799 Gbps.

Klaba has now added further information on the powerful DDoS attacks: the CTO of OVH claimed that the botnet used by the attackers is powered by more than 150,000 Internet of Things (IoT) devices, including cameras and DVRs.

"This botnet with 145607 cameras/dvr (1-30Mbps per IP) is able to send >1.5Tbps DDoS. Type: tcp/ack, tcp/ack+psh, tcp/syn." — Octave Klaba / Oles (@olesovhcom) 23 September 2016

The bad news for the OVH company is that attacks are still ongoing and the size of the botnet is increasing.


  • (Score: 2) by Farkus888 (5159) on Thursday September 29 2016, @10:20AM (#407816)

    A large part of the reason for IoT devices is checking in and making changes while away from home. Smart routing rules are a possibility, depending on how predictable your IoT devices are, but walling them off from the internet in general defeats the purpose of buying them.

    Just as an example, a smart thermostat like the Nest is essentially already a bot device talking to a set of command and control servers to get its orders during normal operation. Does it connect out to the servers or do they initiate the connection? How many different IPs will it contact talking to those servers?

    Short of spending hours with a packet sniffer, you are unlikely to ever be able to answer any of the questions that need to be answered to make a usable set of firewall and routing rules. In the case of something like the Nest thermostat, a set of rules that allows it to still work is likely to be so permissive as to be nearly pointless.

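The two questions raised in the comment above (which side opens the connection, and how many distinct remote IPs the device talks to) can be answered from connection records logged at the router instead of by reading packets by hand. The following is an added example, not part of the comment or the story; the device address, the one-line flow-record format and the sample flows are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample flow records (not captured traffic): one line per new
# connection seen at the router, as "initiator_ip:port responder_ip:port proto".
DEVICE = "192.168.1.50"  # hypothetical address of the IoT device
SAMPLE_FLOWS = """\
192.168.1.50:40112 203.0.113.10:443 tcp
192.168.1.50:40113 203.0.113.10:443 tcp
192.168.1.50:40250 203.0.113.11:443 tcp
192.168.1.50:51000 198.51.100.7:123 udp
198.51.100.99:55123 192.168.1.50:23 tcp
192.168.1.20:50000 203.0.113.80:443 tcp
"""

def split_endpoint(text):
    """Split 'ip:port' into (ip, port)."""
    host, _, port = text.rpartition(":")
    return host, int(port)

def profile(flows, device):
    """Count device-initiated flows and flows opened towards the device."""
    outbound = defaultdict(int)  # (remote_ip, remote_port, proto) -> count
    inbound = defaultdict(int)   # (remote_ip, device_port, proto) -> count
    for line in flows.splitlines():
        if not line.strip():
            continue
        src, dst, proto = line.split()
        (sip, _), (dip, dport) = split_endpoint(src), split_endpoint(dst)
        if sip == device:
            outbound[(dip, dport, proto)] += 1
        elif dip == device:
            inbound[(sip, dport, proto)] += 1
    return dict(outbound), dict(inbound)

def egress_allowlist(outbound):
    """Collapse outbound flows to (proto, port) -> sorted list of remote IPs."""
    rules = defaultdict(set)
    for (ip, port, proto) in outbound:
        rules[(proto, port)].add(ip)
    return {key: sorted(ips) for key, ips in rules.items()}

if __name__ == "__main__":
    out, inc = profile(SAMPLE_FLOWS, DEVICE)
    print("distinct remote endpoints contacted:", len(out))
    for (proto, port), ips in sorted(egress_allowlist(out).items()):
        print(f"allow {DEVICE} -> {ips} {proto}/{port}")
    for (ip, port, proto), n in inc.items():
        print(f"REVIEW inbound {ip} -> {proto}/{port} ({n}x): not device-initiated")
```

A short, stable allowlist suggests a default-deny egress rule is practical for that device; a long or constantly changing one is the "so permissive as to be nearly pointless" case the comment describes.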
  • (Score: 1) by baldrick (352) on Thursday September 29 2016, @03:21PM (#407952)

    When I used to set up IP cams, they were behind a router with an OpenVPN server running on it.

    --
    ... I obey the Laws of Physics ...
  • (Score: 2) by ticho (89) on Thursday September 29 2016, @07:04PM (#408068)

    Nobody is forcing you to buy "Things" that are impossible to use securely. Also, you can either keep finding excuses why it's difficult to secure them, and why it's not worth it to even try, or you can try finding a way to do it.

    • (Score: 0) by Anonymous Coward on Thursday September 29 2016, @08:44PM (#408113)

      Hear, hear. I think if I ever wanted to go IoT and give every lightbulb in the house an IPv6, I'd have to roll my own. Been looking at electronic/computing maker stuff lately thanks to a few links dropped elsewhere on this site and damn. Might be a bit bulky, but hell, it'd be secure and functional no matter what $big_valley_company's cloud is doing today.