A new era of cyberattacks has dawned upon us. Now, seemingly harmless everyday appliances like printers, digital video recorders, webcams, thermostats and routers are being utilized as minions in distributed-denial-of-service (DDoS) attacks against websites.
DDoS is an attack where a targeted website is flooded by an overwhelming amount of requests from millions of connected machines in order to bring it down. Traditionally, these attacks are launched from compromised computers and mobile gadgets collectively nicknamed "botnet."
However, recent DDoS attacks on a security blogger's website and French website host OVH reveal that now, it's not just computers that are being utilized as botnets - even Internet of Things (IoT) appliances are now fair game.
This means unsecured routers, printers, IP web cameras, DVRs, cable boxes, connected "smart" appliances such as Wi-Fi light bulbs and smart locks can be hijacked and involved in cyberattacks without the owner knowing about it. To remain unnoticed, compromised appliances could be sending out small trickles of data to make the attack discrete. Multiply that by millions and what you have is the perfect DDoS attack vector.
How serious is this? The recent attacks are reported to be the largest targeted DDoS attempts ever, with a sustained data stream of 620 Gbps and even reaching data rates of over a terabit per second, all accomplished by enslaving connected Internet of Things appliances via a trojan program infection.