Sunday,24 November, 2024

Subscribe to Newsletter
HOME
 		  NEWS
 		  Knowledge Center
 		 
News

How Enterprises in UAE Can Defend Against the Next DDoS Cyber Attack

Published Nov 3, 2016

I’m sure you’ve been following the news the recent distributed denial of service (DDoS) attack against Dyn, a company that hosts DNS zones for many companies. The DDoS attack used the Mirai botnet, which consists of thousands of compromised “Internet of Things” devices, including IP cameras and digital video recorders. The DDoS attack sent enormous volumes of traffic—most of it not DNS—to Dyn’s name servers, overwhelming them and rendering them unable to respond to legitimate queries. The result was that many of Dyn’s customers were unreachable from the Internet, including high-profile companies such as Twitter, Amazon, Netflix and Reddit. Here’s what enterprises in UAE need to do to survive the next big cyber attack.

The Dyn attack is a wake-up call to the world – not just to DNS providers, but to all parties involved, including the DNS community, Internet of Things (IoT) device manufacturers, businesses and consumers. The sheer volume of traffic involved and huge number of web sites affected may make the Dyn attack seem overwhelming, but the truth is, by following some simple best practices, we can not only survive attacks like this, but also reduce their size and scope.

Get back to the basics: 3 best practices

1. Build in redundancy. Many companies rely on a single DNS provider like Dyn, leaving them vulnerable to attacks. Instead, businesses need to either deploy some on-premises appliances that can serve as external authoritative name servers – the servers that advertise their DNS data to the Internet – or bring in a second DNS provider. This is no different from ensuring that your company has redundant connections to the Internet. If one set of name servers goes down or is attacked, companies will still have name servers available. Making the external DNS infrastructure more heterogeneous ensures that companies are not putting all of their eggs in one basket.
2. Mix it up, manufacturers. IoT devices are here to stay, from cameras to thermostats to fitness trackers. And traffic from IoT devices will continue to grow. But many IoT devices are inherently insecure from the get-go. Why? Many manufacturers sell these devices with the same default administrator password, which consumers rarely change. Or even if they want to change it, sometimes they can’t figure out how to do it. Either way, attackers have access to a vast network of devices from which to launch DDoS attacks. Simply put, IoT devices cannot be sold to consumers without some basic security measures, starting with unique, randomly generated passwords for each device.
3. Lock it down, consumers. In general, we have a terrible track record when it comes to protecting our information with passwords. The majority of passwords consumers use are easily guessable. We have to try harder. The same goes with Internet-connected devices. Consumers must be savvier about changing the default passwords on everything including cameras, DVRs, routers and printers. And, device manufacturers, in addition to providing each device with a unique preset password, must prompt consumers to create more sophisticated passwords and make it more intuitive for people to be able to do it. Finally, an attack should be a reminder to consumers to check the security of their devices: to make sure passwords aren’t easily guessable, and that devices have been upgraded recently to versions of code without known vulnerabilities.
Take action now

Gartner projects there will be 26 billion IoT devices installed by 2020. That’s more than three devices for every person on the planet. A survey Infoblox conducted of 400 IT executives revealed that although 75% of businesses already have Internet-connected equipment on their networks, 35% say they’re not ready to support IoT yet. Even more eye-opening is that we found that nearly 60% of IT professionals say they’re not doing anything to prepare for the impact of IoT. Do we really want to be ruled by toaster and refrigerator overlords? The IoT threat isn’t even the future – it’s already happening, as demonstrated by the Dyn attack. Implementing best practices for IoT device security must be a top priority for all of us.


Rate This:

Posted by VMD - [Virtual Marketing Department]

Poll
What is your favourite search engine?
Google
Yahoo
Bing

Most Viewed
  Riverbed Launches Industry’s Most Complete Digital Experience Management Solution
  Credence Security to Address Growing Market for GRC Solutions in Middle East Through Partnership with Rsam
  New Mimecast Archive Cloud Capability Streamlines GDPR Management for Email
  Planning and Scheduling Software–Helping Manufacturers Keep Their Customers Happy
  Farsight Security and Infoblox Provide Zero-Hour Protection Against Cyberattacks Due to New Domains
  Fujitsu Launches High-Security Biometric Authentication Solution for Active Directory IT Environments
  Rackspace Wins 2017 Red Hat Innovator of the Year Award
  ServiceNow Survey Shows 2018 as the Year of Automation for Routine Enterprise Work
  4 Tech Hacks to Faster Customer Onboarding
  New Mimecast Report Detects 400% Increase in Impersonation Attacks
Contact Us
Site Map
News RSS
Terms of Use

Developed & Managed By ROOT Technologies - Copyrights ROOT Technologies - All Rights Reserved.