Lax security of the internet of things and vulnerabilities in smart devices have set a precedent by encouraging many attacks in a short time. In just a few weeks, we’ve witnessed the shutdown of Brian Krebs’ security blog and a major DNS outage across the US, both caused by DDoS attacks from an IoT botnet.
Following the disruption of Dyn DNS, another company was attacked on Saturday and Monday. StarHub, the broadband provider from Singapore, experienced DDoS attacks from home webcams and broadband routers that temporarily left its subscribers without internet. The team noticed a spike in web traffic that their DNS farms couldn’t handle thus causing an overload. The home broadband service was restored within two hours.
“Intentional and likely malicious distributed denial-of-service (DDoS) attacks on our Domain Name Servers (DNS) that caused temporary web connection issue for some of our home broadband customers,” were confirmed in an updated post on Facebook.
Other services such as mobile, enterprise and home voice servers were not affected. StarHub assures its customers their private data has not been affected by the attacks.
DDoS attacks are gaining popularity, as are IoT devices. Because it’s almost impossible to install security software on a DVR or fridge, security is in the hands of the manufacturers. We’re not there yet, so users can opt for a universal solution that protects their entire home or can at least follow some simple guidelines for a secure online infrastructure by changing default passwords to stronger unique passwords, perform software updates on devices and not accessing suspicious links.
