Hackers Exploit IoT Security Gaps to Take Down Web Host

The IoT – or Internet of Things – is more or less the way of the future for personal technology. Be it refrigerators synced to a grocery list app on your phone, cars which can drive themselves, or whatever new integrated product lies around the corner, the IoT can be best described as attaching web-enabled computers to time-tested appliances. Now for the first time, we can monitor, access, and alter home settings from hundreds of miles away and a whole host of other technological opportunities previously only achievable by the very wealthy.

Yet the major drawback is a reduced level of digital security. These IoT enabled appliances and toys rarely feature the kind of cyber protection common on most desktops, laptops, smartphones, and tablets. Despite this, they just as easily sync with the home Wi-Fi and become portals through which information flows. At the beginning, consumers are mostly concerned about making sure their internet service provider has bandwidth options to account for the uptick in usage. After that, few folks think about security regarding IoT.

That might change soon, especially for any IoT gadget with a camera on it. That’s because hackers have (predictably) found a way to gain control of poorly secured IoT technology with webcam functions.

This is demonstrated by the recent cyber attack on the website of French web hosting firm OVH reported earlier this morning by BBC News. Few details are known with certainty at this hour, but it’s been confirmed the OVH website was brought down by a massive botnet attack – perhaps the largest to date – created by hackers taking remote control of over 150,000 devices and aiming their attention towards the site all at once.

This style of cyber attack is nothing new. The difference this time is that the overwhelming majority of devices which were manipulated to accomplish the attack were web-enabled cameras and other connected devices featuring a webcam. It wound up amounting to over a terabit of digital activity aimed towards OVH, inciting almost instant shutdown. This led to thousands of OVH client sites becoming inaccessible as a consequence.

It seems repairs have already been made and the French web host is back online, but the relatively light smack in the face is a reminder of the potential for a full blown cyber assault via the IoT. Simply put, the ability to remotely take control of these often very primitive systems is far too easy.

In order to make IoT products as cost friendly as possible in order to drum up sales in the infancy of the IoT market, companies have sacrificed a lot on the computer end. To an extent this is not only acceptable but preferred – nobody needs the power of a gaming computer to handle the demands of a web-enabled toaster – but it’s not a greenlight to ignore the need to have strong security nonetheless.

If there is one thing almost guaranteeing increased IoT cybersecurity, it’s the fact that tech giants appear to be the most vulnerable victims. It’s worth reminding the aforementioned botnet attack merely used web-connected camera systems to go after a major tech business. While nobody wants to be used, few consumers directly felt any repercussions from the attack. Knowing it’s the Apples and Googles of the world with something to lose, be assured steps to beef up IoT security are on the way.


Leave a Reply