Skip to main content
  1. Home
  2. Computing
  3. Web
  4. News

Internet of Things was the source of largest botnet attack in history

By
Add as a preferred source on Google

Security news site and blog KrebsonSecurity, was hit by the world’s largest denial of service (DDOS) attack last week, with more than 620 gigabits per second hammering its servers into submission. While astounding in its own right, what’s of more concern is the source: not infected PCs, but internet of things (IOT) devices like cameras and routers.

But the attackers didn’t stop there. Whoever was behind the DDOS was only just getting started. Since then we’ve seen assaults that peaked at over a terabit of data per second, with concerns that the botnet has the potential to deliver a further 50 percent more data if the timing is right.

Recommended Videos

Although as Ars reports, these numbers have yet to be officially confirmed, the sources are rather reliable. It would be easy to dismiss them based on their extravagance, since to date, the largest recorded botnet attack threw 363 gigabits per second of data. However, considering we’ve now seen attacks in excess of three times that much, we would expect to see many more large-scale attacks in the near future.

Related: Two Israeli teenagers arrested over vDOS DDoS-for-hire service

The reason this was possible at all is because of the Internet of Things. IOT devices have long been considered a security hole in the technological landscape, as they so often operate under the radar, and so receive less scrutiny from users and security professionals. However, they often have the ability to upload a lot of data at once, so it’s not always obvious when they’re used as part of an attack like this one.

We’ve seen hints of IOT devices like home routers being used in DDOS attacks before. The famous downing of the Xbox Live and PlayStation networks in 2015 was in part caused by botnet-connected home network hubs.

Even if you do notice that your IOT device is behaving oddly, reclaiming control of your hardware may not always be easy. By their very nature IOT devices tend to operate behind the scenes, so they often have minimal interfaces or ability to change important settings.

One preemptive security step people can take is to never put their hardware online at all. That may often defeat the point of a bit of smart tech and would of course be redundant for routers or similar devices, but there are a number of devices that don’t really need to be connected online all the time.

At the very least users should change their default passwords. Make them long, make them unique, and change them periodically to play it safe.

Jon Martindale
Jon Martindale
Former Evergreen writer
Jon Martindale covers how to guides, best-of lists, and explainers to help everyone understand the hottest new hardware and…
Topics
ChatGPT is recommending scam websites that will steal your credit card info
The chatbot is surfacing fraudulent clones of defunct retail brands, and scammers are deliberately engineering sites to game its recommendations.
ChatGPT running on a laptop.

Scammers have found a new way to reach shoppers: getting ChatGPT to do their marketing for them. According to The Guardian, scam-checking service Ask Silver found that OpenAI's chatbot is recommending fraudulent retail websites built to harvest payment details from unsuspecting buyers. The sites mimic real storefronts and use official-looking URLs, making them difficult to spot without scrutiny.

Defunct brands are a prime target

Read more
McDonald’s new AI drive-thru has to prove it can handle hungry people
After its earlier ordering bot became a punchline, McDonald’s is testing a new system that promises fewer human handoffs.
Architecture, Building, Hotel

McDonald’s is bringing AI back to the drive-thru with a new Google-backed system called ArchIQ, also known as Archy. It’s starting in five locations under the company’s broader “> NEXT” technology push, with a franchisee claiming the system has already handled more than 1 million orders.

The bigger number is the one McDonald’s needs people to trust. About 90% of those orders reportedly needed no human intervention. That sounds promising, but this is not a clean reset. Its earlier IBM-backed AI drive-thru experiment ended after viral mistakes turned automated ordering into a public punchline.

Read more
Logitech’s Mobi Fold is a pocketable folding mouse for folks who despise trackpads
Logitech’s Mobi Fold looks like a tiny productivity taco
Logitech Mobi Fold

Laptop trackpads are fine until you get really busy. Editing a spreadsheet in an airport lounge, juggling tabs in a café, or trying to do proper work on a tiny hotel desk can make you miss the convenience of a mouse. Logitech has the answer to this with the new Mobi Fold, its first ultra-portable foldable mouse.

While a small portable mouse is something people carry, many choose to skip the added bulk, simply choosing to bite the bullet with the trackpad. But the Logitech Mobi Fold can simply fold flat, and can later be unfolded when you need to work. This makes it pretty convenient to carry. Logitech even made the mouse to automatically power on when opened and turn off when folded.

Read more