Hackers have unleashed one of the largest internet attacks ever recorded by utilising Internet of Things (IoT) devices, such as thermostats, webcams and smart lights. IoT is the lighting industry’s great white hope, as revenues from luminaires start to decline.
Last week, internet service provider OVH, experienced the largest Distributed Denial-of-Service (DDoS) attack ever recorded.
The attack involved the ‘enslaving’ of IoT devices as botnets, so that they could then be manipulated to attack websites. The hijacked devices send messages to flood a web-server (in this case OVH) with requests, overloading it and causing it to crash.
During the OVH attack, 150,000 IoT devices were manipulated to crash OVH’s server, a worrying sign that the Internet of Things is still extremely vulnerable to attack. The OVH onslaught is just the latest in a long line of strikes that have been powered by hijacked IoT devices.
The IoT powered onslaughts are only likely to worsen after the release of the Mirai botnet source code into the public domain. The code has been used to cause many of the recent DDoS attacks and the information needed to carry out strikes in now available to all.
As lighting company’s rush to get IoT products to market in order to take advantage of what will undoubtedly be a revolution in the way we manage our homes, many security experts are concerned that manufacturers are taking short cuts when it comes to security, leaving users dangerously exposed.
Security experts are worried that IoT devices are being built upon outdated operating systems using code that has not been properly tested for security loopholes, which hackers will exploit.
DDoS onslaughts are usually carried out by criminals looking to blackmail the company they are attacking, however many firms are sill not investing enough in online security, despite the obvious and growing risks.
- Hacking will be dicussed in the IoT Arena at this year’s Lux Live. In a unique live demonstration, Ken Munroe of Penetration testing and security services, the UK’s leading ethical hackers, will conduct live penetration testing to explore the robustness of the systems produced by the industry. You can find out more here. The LuxLive 2016 exhibition will be held in London on Wednesday 23 November and Thursday 24 November 2016.