The Internet of Things (IoT) is a development that looks to connect the internet into everyday devices and a key part of many industries plans moving forward. However, while it is still in its early stages, its susceptibility to distributed denial of service (DDoS) attacks remains a concern. This was among the findings of Akamai’s Q4 2016 “State of the Internet/Security Report.”
While Akamai did highlight that the number of attacks were lower than expected in relation to the 2016 holiday season, IoT devices were a big source of the DDoS attacks that did occur. Akamai attributed most of the attacks to Mirai, and IoT-based botnet, though a pair of other IoT-based botnets also caused some issues. The growth of IoT devices, Akamai reports, is expanding the pool of attack resources. “As vulnerable devices are added to IoT-based botnets, we expect a second surge in botnet capabilities and DDoS attack size,” per the report.
The report also found that DDoS attacks greater than 300 Gbps are becoming more common. Seven DDoS attacks of more than 300 Gbps occurred in 2016, including three in the fourth quarter; the largest was a 517 Gbps attack from the Spike DDoS toolkit. However, none of these attacks were IoT-based, as Akamai indicates that the more botnets that develop for IoT-based attacks, the less availability they will have for resources.
Still, Akamai expects that the attacks caused by IoT-based botnets like Mirai are more likely to increase in the short term. “The Internet of Things is in its infancy, and device security is only starting to bubble up in the consciousness of IoT developers, the companies that employ them, and governments,” the report wrote. “We expect to see many more vulnerable and compromised devices before devices become more secure. The good news is that there are significant reasons for companies to invest in security in the future.”
Visit Akamai to read the full report.