Bleeping Computer found DDoS Trojan attacks increased almost 30% in 2018 due to poor security in Internet of Things (IoT) devices – this means Alexa, Google Home, and other smart devices. California legislature just passed Bill SB-327 to regulate these devices so they can no longer function as points of breach. Read on for what you should know.
What is DDoS?
Distributed denial of service are attacks where compromised systems are used to send massive amounts of traffic to overwhelm one target. NexusGuard recorded the size of these attacks has also increased dramatically over the past few months. Basically IoT devices are harnessed as botnets (infused with malicious programs) to launch attacks on your server or allow attackers to access your machines.
IoT devices are often used to launch DDoS attacks because of the type of software that runs on them and because these devices are always on. Plus, security is not a priority when you’re creating a functional device like a smart speaker or Wemo plug.
The Bill above is the first regulation in the US that requires these smart devices have extra security measures. It prohibits default authentication credentials to avoid slip ups like that one with the US Air Force. However, the bill describes IoT devices broadly–labeling any device that connects directly or indirectly to the internet and has an IP or Bluetooth address as IoT.
The bill’s introduction is timely as the United States is the target of over 20% of these DDoS attacks.
Do you have a smart device in your house? Here are some precautions you should take:
- Use different networks to connect your IoT devices to the internet– this way they don’t share a network with your personal computer.
- Install an antivirus like McAfee. McAfee encrypts your files and can protect five of your devices– try the annual package for 50% off here.
- Run a FixMeStick scan to ensure none of these DDoS Trojans are burrowing in your files. Get FixMeStick here!