Keeping the Wolves at Bay: Strategies to Protect Against the New DDoS
Guest Contributor Rishi Agrawal
JUL 07, 2015 18:34 PM

by Rishi Agarwal, NSFocus

What do connected cars, smart appliances and self-adjusting thermostats have in common? They are part of the rapidly growing Internet of Things (IoT). Far more than the latest catchphrase or short-lived tech trend, IoT is a real phenomenon that is here to stay, offering greater convenience to consumers and untold opportunities for businesses.
Gartner, Inc., states in its 2014 Hype Cycle for Emerging Technologies Report that by 2019, companies will ship 1.9 billion connected home devices, bringing in about $490 billion in revenue. This stunning statistic has started more than the wolves of Wall Street talking; in fact, it has unleashed a new pack of wolves, and they have very big teeth.
This pack of predators is constantly on the hunt behind the scenes, looking for new attack vectors in cyberspace. One recent method of attack is the manipulation of home devices such as home routers or smart TVs, or essentially any device that has an operating system and an open IP address.
Once identified, these devices can then be used to create a nearly instantaneous volumetric assault on an intended target, whereby a massive number of these machines (often called botnets or “zombies”) overwhelm the victim’s network, flooding it with unnecessary requests leading to a server crash or the insertion of malware in the back-end. Either way, it’s bad for business and brand reputation, and very bad for the bottom line.
The New “It Girl” of DDoS Attacks
The humble home router has become an instrument of what is now known as the Simple Service Discovery Protocol (SSDP) reflective amplification distributed denial-of-service (DDoS) attack. Viewed globally, this is a significant security worry: more than 7 million SSDP devices have the potential to be exploited to launch SSDP and other DDoS attacks.
This type of attack is very powerful and has thus become a favorite method of hackers. Such attacks use smart devices (routers, webcams, etc.) to amplify attack bandwidth by as much as 75 times. With IoT bringing billions of such devices online, it has become clear that there will be an exponential growth in this type of attack.
Here’s why:
  • Password problems. We all know better, but most of us create weak passwords for the sake of convenience. However, like your PC, Mac or phone, any equipment that connects to the Internet must be password-protected. While consumers are familiar with creating passwords, accessing the interface to password-protect a router or webcam may not be quite as intuitive.
  • Strong bandwidth. Modern households demand routers that provide the bandwidth to stream movies, access the Internet and send email.
  • Always on. It’s unlikely that you have programmed your home to automatically shut down when you leave, or go to sleep, so refrigerators, routers and webcams generally stay online 24×7.
  • No regulation. Though federal standards groups are investigating these types of attacks and developing recommendations, it is not up to the manufacturers to secure the consumer home network. Instead, this responsibility currently falls on the consumer who purchases the device.
  • Upgrade? What upgrade? Most people don’t even know what firmware on a router is, much less that it needs to be updated. In fact, certain smart devices may never be upgraded after deployment.
What to do Before the Wolves Attack
It’s clear that enterprises and ISPs will continue to be challenged by DDoS attacks.
At RSA 2015 in San Francisco, IDC analyst Chris Christiansen noted that with consumer devices, there is no money in security. He went on to say that as such, the security embedded in a consumer IoT device is minimal, which, he noted, will eventually lead to major privacy and future litigation issues, especially in Europe.
Of course, security solutions continue to evolve to include IoT devices. Traffic-based attacks that lead to unavailable network infrastructure or congestion of available bandwidth can be prevented, but ISPs, hosting providers and enterprises alike need to think outside of the traditional security stack in order to do so.
When vetting solutions, organizations need to keep in mind that they must defend against not only DDoS attacks on the transport layer, such as flood attacks related to SYN, SYN-ACK, ACK, FIN/RST, UDP, ICMP and IP Fragment, but also those targeting the application layer, such as HTTP GET/POST Flood, slow-rate attacks, DNS attacks, game service attacks, and audio/video attacks. Furthermore, in terms of application scenarios, look for solutions that defeat DDoS attacks launched via a multitude of agent servers, like CDN and WAF gateways.
There are solutions available today that go beyond the basics. For instance, instead of relying solely on traditional fingerprint matching or similar methods, more evolved DDoS mitigation solutions also conduct behavior anomaly detection, which can then be filtered through an intelligent multi-layer identification and cleaning matrix. This consolidates the mechanisms of anti-spoofing, protocol stack behavior analysis, specific application protection, user-behavior analysis, dynamic fingerprint identification, bandwidth control and so forth.
It is heartening to see that a variety of regulatory organizations are working on creating standards and restrictions for the prevention of DDoS attacks. However, companies can’t wait for formal recommendations to be released — they need to protect themselves and their customers now.
Enterprises and hosting providers should implement DDoS protection into their networks that can watch for and mitigate SSDP attacks. Only then will companies be able to successfully keep the cybercriminal wolves at bay.
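
One way to watch for the SSDP reflection traffic described above, as an added example that is not part of the original article: flag hosts that receive UDP replies from source port 1900 from many devices without having sent a discovery request themselves. The flow-record layout, the thresholds and the 5-second solicitation window are assumptions, and the sample records are constructed.

```python
from collections import defaultdict

SSDP_PORT = 1900      # UDP port SSDP devices answer from
SOLICIT_TTL = 5.0     # assumed: seconds a host's own M-SEARCH excuses replies

# Constructed sample UDP flow records (documentation address ranges):
# (timestamp, src_ip, src_port, dst_ip, dst_port, bytes)
SAMPLE_FLOWS = [
    (0.0, "203.0.113.20", 50000, "239.255.255.250", 1900, 130),  # real M-SEARCH
    (0.4, "198.51.100.7", 1900, "203.0.113.20", 50000, 320),     # solicited reply
] + [
    # Replies nobody asked for: many reflectors, one target, large payloads
    (1.0 + i * 0.1, f"192.0.2.{i + 1}", 1900, "203.0.113.10", 80, 3000)
    for i in range(6)
]

def find_reflection_targets(flows, window=10.0, min_sources=5, min_bytes=10_000):
    """Flag hosts receiving unsolicited SSDP replies from many sources.

    Returns {dst_ip: (distinct_sources, total_bytes)} for the worst window.
    """
    last_query = {}                              # host -> time of its last M-SEARCH
    buckets = defaultdict(lambda: [set(), 0])    # (dst, window index) -> sources, bytes
    for ts, src, sport, dst, dport, size in sorted(flows):
        if dport == SSDP_PORT:
            last_query[src] = ts                 # host is doing its own discovery
            continue
        if sport != SSDP_PORT:
            continue                             # not an SSDP reply
        if ts - last_query.get(dst, float("-inf")) <= SOLICIT_TTL:
            continue                             # reply to the host's own request
        bucket = buckets[(dst, int(ts // window))]
        bucket[0].add(src)
        bucket[1] += size
    targets = {}
    for (dst, _), (sources, total) in buckets.items():
        if len(sources) >= min_sources and total >= min_bytes:
            if total > targets.get(dst, (0, 0))[1]:
                targets[dst] = (len(sources), total)
    return targets

if __name__ == "__main__":
    for host, (n, b) in find_reflection_targets(SAMPLE_FLOWS).items():
        print(f"{host}: {n} reflectors, {b} bytes of unsolicited SSDP replies")
```

At an Internet edge, where multicast discovery never crosses the border, the solicitation check rarely matches and nearly all inbound traffic from source port 1900 can be treated as unsolicited.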

