It's one of those days again: my corporate laptop needs a restart to apply a critical service pack, and so does my private workstation. Well, let’s grab some coffee and check emails on the smartphone. Oops, here's a critical update in the pipeline, waiting for my OK to be applied to the system.
But as annoying as this may be at this very moment, it keeps my systems from becoming a threat, perhaps a zombie machine secretly working for somebody who wants to run DDoS attacks and abuses my systems to do so.
Let’s think about the requirements for potential “hosts” again:
- It has to be available in vast numbers
- The patching cycle should be very slow (in the best case, no patching at all)
- And it shouldn’t be considered to be a potential threat to IT infrastructure.
Thinking these three items through outlines quite clearly the segment with the highest potential for botnets.
It is the sheer number of surveillance cameras everywhere, and the vast number of devices in households and stores that are connected to the internet – call it a coffee machine or an industrial fridge, both connected to a data center for statistics and for scheduling refilling/reordering/maintenance cycles. Or your smart TV that is connected to the internet for streaming the latest-and-greatest episode of your favorite TV series. Whereas surveillance cameras – not so much smart TVs – are widely recognized to be a risk for personal freedom, they and all of their connected “friends” are far from being considered a risk factor or attack surface for IT environments. And therefore, they are almost never part of security patch schedules at all. And yet they form what the mega-hyped term Internet of Things (IoT for short) refers to.
But that is exactly what happens now: a couple of thousand BORG-like IoT devices are lined up for a decent DDoS attack. Just have 100,000 cameras pinging a server continuously and the server will go down for sure. It may take only a couple of hours, but they can keep the attack running for days with ease.
And nobody will look anxiously at the camera pointing at NYC's Times Square or London’s Trafalgar Square, or the one watching the escalators in a subway station in Vienna, as a suspect – but in fact all of them might be part of such a botnet. Or maybe the pizza cooler at the grocery store just around the corner was also part of it. Or the coffee machine in the office. The usual suspects no longer apply – the attack surface has widened significantly.
Knowing this, and being aware of how professional and easy to use botnet-creation tools are today, shows how important it is to protect the Internet of Things consistently.
Or think of suffering a bank heist due to unpatched ATMs. There are millions of ATMs out there – how likely is it that all these systems are up to date with their security patch levels? Just the sheer number of devices and the short intervals of security updates … You may call it paranoia – I’d call it an educated guess.
With more business done digitally every day, and more maliciousness on the internet every day, too, there is not much to ignore, really. We at Barracuda may not be patching your OSes, but we help you to protect your environment against zero-hour attacks, ransomware, etc.
I, personally, prefer pizza today 🙂
We at Barracuda have exactly the solutions you need for accomplishing this task:
- Barracuda Web Application Firewall
- Barracuda NextGen Firewall F-Series
- Barracuda NextGen Firewall S-Series
- Barracuda Advanced Threat Detection