The IoT industry has a major problem on its hands.
The main issue that has allowed for recent DDoS attacks is the use of default passwords on IoT devices. Until manufactures stop using them (or end users start changing them), these types of attacks won’t go away.
Verizon has revealed in its Data Breach Digest 2017 that an unspecified university’s network was nearly taken down by an attack within the last year.
Analysis of the university firewall identified over 5,000 devices making hundreds of Domain Name Service (DNS) look-ups every 15 minutes, slowing the institution’s entire network and restricting access to the majority of Internet services, according to ZDNet.
“We identified that this was coming from their IoT network, their vending machines and their light sensors were actually looking for seafood domains; 5,000 discreet systems and they were nearly all in the IoT infrastructure,” says Laurance Dine, managing principal of investigative response at Verizon.
The university’s entire network would have been taken down if cybersecurity professionals hadn’t been able to remedy the attack.
It’s frightening how easy it is to hack a device connected to the Internet. If manufacturers don’t abandon default passwords, end users need to make sure to change them before its too late.
READ NEXT: Genetec Discusses Better Cybersecurity at Connect Press Summit
