Last week, many areas of the United States felt the pain of a massive Distributed Denial of Service (DDoS) attack which took down a Domain Name Server (DNS) located in New Hampshire. The DNS Server is responsible for significant Internet traffic across the U.S. It is estimated that upwards of 500,000 IP enabled cameras and DVRs were infected with the Mirai DDoS hack, and utilized to take down the DNS server.
This DDoS attack demonstrates that internet security must be a priority at the consumer, technology professional, and manufacturer level. While the U.S. Government and some manufacturers are taking cybersecurity seriously, there is much work to be done to protect both the global internet infrastructure and users’ privacy. The question remains, how does the IoT experience continue its meteoric growth while mitigating potential threats?
- For manufacturers, the challenge is to build product that does not sacrifice security for convenience. The ability to allow installation professionals to enter secure passwords, close unnecessary ports and, most critically, enable IP connected devices to be securely updated when their software has been compromised is essential.
- For consumers, there are inherent vulnerabilities to having devices always connected to the internet. Hiring a professional to design, install, and maintain all products being used in a connected environment is a step in the right direction to helping secure both the internet and the building the products are being used in. Consumers should review the credentials of anyone installing internet connected devices in their building: This individual should hold professional certification(s) that prove their baseline knowledge.
- For technology professionals, is critical to work with IoT/network device suppliers that take security seriously, and vet them to ensure they are implementing strong security practices. Technology professionals should educate clients on the risks/rewards of network enabled devices.
The internet of things is truly in the nascent stages of development, and so some will argue that these security issues are just growing pains and manufacturers and consumers will soon catch up. While it is true that we are at the beginning of the internet of things and the fourth industrial revolution, failing to address these issues now will stymie both adoption rates and innovation. This attack is a clear wake-up call. The time is now to take internet and device security seriously and face it head on for a more prosperous and secure future.