Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
Cybersecurity News

Defending the Network from Real IoT Threats

By Rishi Agarwal
iothings
July 28, 2015

The Internet of Things (IoT), once the stuff of science fiction, has stepped off the page and into the real world – and the world will never be the same. Analyst firm IDC forecasts that by 2020, 32 billion “things” will be connected: thermostats, refrigerators, parking meters, cars and so on.

More than just the latest technology fad, IoT holds real potential for the business community. Cisco predicts that between now and 2022, $19 trillion in value is at stake for organizations willing to take advantage of the increasingly interconnected world. However, not only legitimate enterprises are looking for ways to profit from IoT.

Cyber criminals demonstrated last year how adept they are at capitalizing on new opportunities and manipulating technology for their purposes. Hackers have become more efficient and effective, developing new methods to manipulate the protocol and accessibility of any home device that has an operating system and an open IP address. They can create a nearly instantaneous volumetric assault on intended targets through the use of a massive number of networked machines (often called botnets or “zombies”). The intent is to flood the network with unnecessary requests that eventually lead to a server crash or the insertion of malware into the network. Either way, it’s bad for business and brand reputation, and very bad for the bottom line.

The Threat Landscape Expands

Consumer Internet routers have today become instruments of what is now known as the simple service discovery protocol, or SSDP, reflective amplification distributed denial-of-service (DDoS) attack. It’s a long name with a significant impact; globally, more than 7 million SSDP devices have the potential to be exploited to launch SSDP and other DDoS attacks.

Last year, this kind of attack gained in popularity. SSDP attacks use smart devices (routers, webcams, etc.) to amplify attack bandwidth by as much as 75 times. With IoT bringing billions of such devices online, there will be an exponential growth in this type of attack.

Today’s smart devices include vulnerabilities such as:

  • Always on. Unless you have programmed all the “things” in your home to automatically shut down when you leave or go to sleep, connected appliances, routers and webcams generally stay online 24 hours a day, seven days a week.
  • Fairly high bandwidth. A router’s job is to provide your household with the bandwidth you need to stream movies, access the Internet and send email.
  • Password problems. The majority of us create weak passwords, just for the sake of convenience. But like your PC, Mac or phone, any equipment that connects to the Internet must be password-protected. While consumers are familiar with creating passwords in those environments, accessing the interface to password-protect a router or webcam may not be quite as intuitive.
  • Standards are lagging. Though federal standards bodies are looking into these types of attacks and developing recommendations, it is not up to the manufacturers to secure the consumer home network. Instead, currently this responsibility falls to the consumer who purchases the device.
  • Upgrade cycles are long. When was the last time you updated the firmware on your router? Most of us would say, “Never.” In fact, certain smart devices may never be upgraded after deployment.

Defending the Network in the IoT Age

Though enterprises and vendors are working on solutions to protect IoT devices, but in the interim, the battle against DDoS will continue to challenge enterprises and ISPs. At RSA 2015 in San Francisco, IDC analyst Chris Christiansen noted that with consumer devices, there is no money in security. He went on to say that as such, the security that is embedded in a consumer IoT device is minimal, which, he noted, will eventually lead to major privacy and future litigation issues, especially in Europe.

Traffic-based attacks that lead to latency or network crashes can be prevented, but enterprises, ISPs and hosting providers need to think outside of the traditional security stack. When looking for solutions to mitigate DDoS attacks, it is important to not only defend against DDoS attacks on the transport layer, such as flood attacks related to SYN, SYN-ACK, ACK, FIN/RST, UDP, ICMP and IP Fragment, but also those targeting the application layer, such as HTTP GET/POST Flood, slow-rate attacks, DNS attacks, game service attacks and audio/video attacks. Furthermore, in terms of application scenarios, look for solutions that defeat DDoS attacks launched via a multitude of agent servers, like CDN and WAF gateways.

There are even more evolved solutions available. Instead of relying solely on traditional fingerprint matching or similar methods, for example, advanced DDoS mitigation solutions also conduct behavior anomaly detection, which can then be filtered through an intelligent multi-layer identification and cleaning matrix. This consolidates the mechanisms of anti-spoofing, protocol stack behavior analysis, specific application protection, user-behavior analysis, dynamic fingerprint identification, bandwidth control and so forth.

There’s no question that IoT is changing the way we do business, the opportunities that lie before us, and the security threats we face. Government and financial standards bodies are working on creating policies to safeguard both businesses and their customers, but such undertakings usually take a long time to be finalized. Meanwhile, enterprises and hosting providers should look to implement DDoS protection solutions that monitor for and defend against SSDP and other attacks.

For more detailed information about SSDP DDoS attacks, other DDoS attacks from 2H2014 and predicted potential threats for 2015, download the NSFOCUS DDoS Threat Report here: http://www.nsfocus.com/2015/SecurityReport_0416/196.html

KEYWORDS: Internet of Things (IoT) network security security convergence

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Rishi Agarwal is Chief Evangelist and Director of Product Marketing at NSFOCUS, Inc. He has 12+ years’ experience in Product Marketing, Strategy, Business Development and Product Management. He has broad domain expertise in Network Security, Compute and Storage. Prior to NSFocus, he was a Senior Manager at Arbor Networks. Additionally, he has worked for leading technology vendors such as Microsoft, Intel and SanDisk.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Top Cybersecurity Leaders
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Logical Security
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity Education & Training
    By: Charles Denyer
Subscribe For Free!
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Pills spilled

More than 20,000 sensitive medical records exposed

Laptop in darkness

Verizon 2025 Data Breach Investigations Report shows rise in cyberattacks

Coding on screen

Research reveals mass scanning and exploitation campaigns

White post office truck

Department of Labor Sues USPS Over Texas Whistleblower Termination

Computer with binary code hovering nearby

Cyberattacks Targeting US Increased by 136%

2025 Security Benchmark banner

Events

September 29, 2025

Global Security Exchange (GSX)

 

November 17, 2025

SECURITY 500 Conference

This event is designed to provide security executives, government officials and leaders of industry with vital information on how to elevate their programs while allowing attendees to share their strategies and solutions with other security industry executives.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • factory worker

    Defending manufacturing facilities from security threats

    See More
  • internet of things

    IoT: The Internet of Threats and how users can defend themselves

    See More
  • blurred keyboard with wavy lines

    The impact of quantum computers and IoT devices on network security

    See More

Related Products

See More Products
  • databasehacker

    The Database Hacker's Handboo

  • Photonic-Sensing.gif

    Photonic Sensing: Principles and Applications for Safety and Security Monitoring

  • Risk-Analysis.gif

    Risk Analysis and the Security Survey, 4th Edition

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing