Hi everyone, as the discussion leader this week, I’m posting my favorite cyber security news article of the week and adding a few questions for our group discussion. The article is “The Inevitability of Being Hacked,” The Atlantic, on October 28, 2016:
I love this article because the author brings to life the massive DDOS from 2 weeks ago through the Internet of Things. In the article, the author describes how he rented a small server on Amazon, set up what appeared to be an unsecured web device that he called an “internet toaster”–essentially set up a honeypot–and experienced his first hack attempt just 40 minutes later. Bots tried different IP address and different typical passwords, like default passwords for electronic equipment, and were unsuccessful. However, the hacks were successful weeks ago or else there would not have been an IoT DDOS attack that made the news.
How should the target of such a massive DDOS attack deal with the attack and minimize damage or opportunity cost of shutting down a website or device?
How can manufacturers of Internet of Things devices prevent this from happening in the future?
Are there more sinister uses of controlling Internet of Things than just directing a DDOS attack? Can Internet of Things be controlled to do more physically dangerous things?