
 

Exploitation of the Internet of Things vulnerabilities
DDoS Attack on Oct 21, 2016

 

 

By


Elizabeth Joshi

 

 

 

 

IFT 598 – Managing Intelligent Devices

Activity – 1

 

 

 

 

Dr. J. Helm

 

 

 

 

ARIZONA STATE UNIVERSITY

TABLE OF CONTENTS

ABSTRACT
INTRODUCTION

SECTION-1: OVERVIEW
1.1 Internet of Things
1.2 DDoS attack
1.3 Botnets

SECTION-2: CASE STUDY
2.1 Oct 21st Attack scenario
2.2 How IOT helped in the attack?
2.3 How the attack could have been avoided?

CONCLUSION
FUTURE SCOPE AND RECOMMENDATION
REFERENCES
APPENDIX

 

 

 

 

 

ABSTRACT

INTRODUCTION

SECTION-1: Overview

1.1 Internet of Things

The Internet of Things can be defined as a network of the various things that we use in our daily lives to make life easier and more manageable. It includes home appliances, electronic devices, vehicles and other physical devices, all embedded with sensors, operating systems and other electronics that let them interconnect and interact over the internet to form one combined system. Having an interconnected system improves our lifestyle and reduces the manual effort and maintenance needed for each of these devices. Each device is uniquely identifiable and can connect to the existing infrastructure of the internet, which lets it interoperate and work in real time.

The physical world will be controlled more and more by computer-based systems, which would reduce error and human intervention and increase the efficiency and economic benefits of the system. These systems can be controlled remotely across the internet infrastructure that already exists, which makes it easy to implement the Internet of Things and mold it to that infrastructure.

The devices included in IOT are built with computing and networking capacity. They are not always built with security in mind, which opens the door to attackers in the untrusted zone who are waiting to penetrate them and take advantage. Thus, IOT not only eases the lives of its users; it also makes hackers' jobs easier and opens diverse options for them. Security therefore needs to be the biggest concern of an IOT infrastructure and must be given high importance while building an IOT system.

Given the advantages of letting the Internet of Things take over existing systems, it is estimated that by 2020 there will be more than 30 million objects in the Internet of Things network.

 

1.2 DDoS Attack

A DDoS (Distributed Denial of Service) attack is one of the oldest yet strongest attacks, still used today to bring down a network and reduce the efficiency of a system by denying service to legitimate users through an overload of useless traffic. Denial of Service is the condition in which a targeted server or system is flooded with bogus traffic or connection requests from different unreliable sources, or with malformed packets, so that it slows down or crashes under the volume of traffic sent to it. The target then crashes or denies legitimate traffic, which reduces performance or brings the network down.

A DDoS attack can be initiated by a single hacker in one place, or it can be an organized crime involving various malicious users at various locations. It usually begins with the exploitation of a vulnerability in a computer system; once the hacker gains access inside the trusted network, that system becomes the Master DDoS system. The Master system then identifies other vulnerable systems in the inside network and gains control over them. This is usually achieved by infecting the other systems in the network with malware, or by writing scripts that bypass authentication controls by guessing passwords or breaking into operating system controls.

 

1.3 Botnets

A computer system or any device in the network that is under the control of a hacker or an intruder with malicious intentions is called a Zombie or a Bot. The attacker then creates an army of such bots, which is controlled and works like a command-and-control server network called a Botnet. Such botnets are used to bring down an entire network through DDoS and other such attacks. A botnet may consist of many bots, and once the attacker has created his army, all he needs to do is command the bots to generate traffic and flood the target with it to bring down the system.

 

 

SECTION-2: Case Study

2.1 October 21st Attack Scenario

The cyber attack on the 21st of October 2016 brought down most of America's internet and was caused by the well-known DDoS attack using an army of bots called the Mirai Botnet. The victims of this attack were the servers of Dyn, a company that provides DNS (Domain Name Services) to most of the internet. The attack kept users from accessing well-known sites like Twitter, Netflix, PayPal, Amazon, Spotify and many others, which brought a lot of loss to the respective companies. The outage was caused by an excessive number of manipulated requests sent to the Dyn servers, which caused them to stop functioning. The overwhelming amount of traffic stopped the Dyn servers from providing DNS services to legitimate requests. It took around eleven hours for the issue to be fully resolved, which caused disturbances all around the nation. According to the statistics of the attack inspection, the Mirai Botnet had around 550,000 active nodes, of which only 10%, nearly 55,000 nodes, were used in this attack. The effect if even 50% of the planned active nodes had been used would have been unimaginable.

 

 

2.2 How IOT helped in the attack?

Dyn was getting hundreds and thousands of requests from devices connected to the internet, which caused the outage. This was a planned activity, and the nodes used to build the botnet were devices that we use in our daily lives and connect to the internet. The Mirai Botnet was not a regular botnet built from computers. It consisted of devices like CCTV cameras, baby monitors, home routers, thermostats, DVRs and other IOT devices connected to the internet. The source code of Mirai was released on some dark web sites; it is an easy-to-use program that allows even unskilled hackers to infect internet-connected devices with malware and make them act on command. Using the Mirai source code, a Mirai Botnet was thus created whose devices together sent bogus traffic to bring the network down and cause an outage on the target. It is difficult to distinguish the bogus botnet traffic from legitimate traffic, which is why the Dyn servers had to process all of it and, on reaching the threshold, went down. IOT devices were used to create the botnet army because they were very vulnerable and could be easily exploited. Most of the devices used in such IOT systems had never had any security measures applied, to such an extent that even the passwords were still the factory defaults, which had never once been changed.

 

2.3 How the attack could have been avoided?

Exploitation of devices connected to the internet can cause serious disruption to our daily life and to the economic standing of the nation. IOT devices have not been designed with security in mind, but everything that is connected to the internet needs to be made secure, because it opens up vulnerabilities that could be exploited. The internet is very vulnerable as well as a very integral part of the basic infrastructure for our survival, as it makes our lives easier, but we need to take the correct precautions rather than let the system be exploited. Some steps that could have avoided the attack are discussed below:

· All factory-default passwords on digital devices like surveillance cameras, baby monitors, home routers, smart home devices, DVRs and all other digital devices connected to the internet should be changed immediately after the devices are deployed. The passwords should be strong and changed regularly at short intervals.

· IOT devices must be purchased only from well-known companies that guarantee how secure they are. Most of the time, cheaply available devices do not provide the security needed.

· Security patches must be applied every time they become available. Older versions will have bugs that could be vulnerable.

· The Universal Plug and Play option on routers must be disabled.

Thus, we can say that if the correct precautions had been taken, the attack could have been prevented.
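
The checkable steps above (default passwords, password rotation, patch level, UPnP on routers) can be run as an audit over a device inventory. The following is an added example, not part of the original essay; the inventory records, field names and the 90-day rotation window are assumptions made for illustration.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional

MAX_PASSWORD_AGE_DAYS = 90  # assumed policy; the essay only says "short intervals"

@dataclass
class Device:
    name: str
    kind: str                          # e.g. "camera", "router", "dvr"
    deployed: date
    password_changed: Optional[date]   # None = factory default never changed
    firmware: str                      # installed version
    latest_firmware: str               # newest version the vendor has released
    upnp_enabled: bool = False

def version_tuple(version: str) -> tuple:
    # Compare numerically: as plain strings "1.10.2" would sort before "1.9.0".
    return tuple(int(part) for part in version.split("."))

def audit(dev: Device, today: date) -> list:
    """Return the essay's hardening steps that this device fails."""
    findings = []
    if dev.password_changed is None:
        findings.append("factory-default password still set")
    elif (today - dev.password_changed).days > MAX_PASSWORD_AGE_DAYS:
        findings.append("password older than rotation policy")
    if version_tuple(dev.firmware) < version_tuple(dev.latest_firmware):
        findings.append("firmware behind latest patch")
    if dev.kind == "router" and dev.upnp_enabled:
        findings.append("UPnP enabled on router")
    return findings

# Constructed inventory; the device names, dates and versions are not real.
INVENTORY = [
    Device("lobby-cam", "camera", date(2016, 3, 1), None, "1.9.0", "1.10.2"),
    Device("home-router", "router", date(2016, 1, 10), date(2016, 2, 1),
           "2.4.1", "2.4.1", upnp_enabled=True),
    Device("nursery-monitor", "baby monitor", date(2016, 9, 1),
           date(2016, 9, 1), "3.0.0", "3.0.0"),
]

def audit_inventory(inventory, today: date) -> dict:
    report = {dev.name: audit(dev, today) for dev in inventory}
    return {name: found for name, found in report.items() if found}

if __name__ == "__main__":
    for name, found in audit_inventory(INVENTORY, date(2016, 10, 21)).items():
        print(f"{name}: {'; '.join(found)}")
```

The remaining step, buying only from vendors that guarantee security, is a procurement decision and is not modelled here.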

 

 

 

 

 

 

 

 

 

CONCLUSION

 

The majority of people do not want to invest in IOT devices because they do not think they are safe and secure, and the incident discussed in this paper supports their decision. A recent survey shows that less than 40% of Americans are willing to implement and adapt to IOT devices for their day-to-day tasks. But on understanding why the attack was caused, we see that the main reason behind it was that consumers were not cautious enough and allowed themselves to be victimized. The Internet of Things is going to move at a higher pace as security features are given the highest priority. Cyber attacks can be prevented by always taking the correct measures, but that does not mean one should avoid using the internet and make life more difficult.

Thus, in this paper we explored numerous benefits and vulnerabilities of IOT using the case study of a DDoS attack that used IOT devices to cause a major outage.

 

 

 

 

 

 

 

 

 

 

FUTURE SCOPE AND RECOMMENDATION

 

Technology and attacks have always grown together. SQL injection, SQL Slammer, web attacks and many other attacks have exposed weaknesses in technology, and solutions have always been developed to protect systems from these attacks and make the most of the benefits technology offers. The future is going to be fully interconnected and part of the internet infrastructure, so IOT is going to eradicate manual and monotonous work from every field. Engineers are working on creating secure IOT systems and making sure these devices cannot be exploited by hackers or botnets. The vulnerabilities are noted and fixed in most existing IOT systems. After the attack on Oct 21st, most of the manufacturers recalled the devices that had been part of the botnet army in order to enhance their security features.

As a future recommendation, admin rights and privileges should be taken seriously for all devices connected to the internet, and password settings and other security features must be configured as soon as a device is deployed into the system.

 

 

 

 

 

 

 

 


 

 

 

 

 
