Risks for telecom operators and other market participants
Posted: Sat Feb 08, 2025 8:22 am
To collect information, hackers no longer need to hack a company's server; they can simply exploit a vulnerability in a user's device. This makes their task much easier - lists of vulnerable devices can be found freely available on the Internet.
Attackers use smart devices to create botnets to then launch powerful cyberattacks, such as DDoS attacks. Simultaneous requests to a server from multiple devices make legitimate connections impossible. For the user of the infected device, DDoS attacks easily go unnoticed because they run in the background. However, they can cause huge damage to companies, as was the case with the provider Dyn, which served many large sites such as Twitter and Reddit.
Just a few months after the Dyn DDoS attack, German france mobile database company Deutsche Telekom suffered a similar attack. Attackers used the routers of 1.25 million users, cutting off their internet connection for several hours.
Solving the problem of IoT device security
The market dictates its own rules, and manufacturers are forced to release gadgets quickly and at a low price. And they either do not prioritize security or are not sufficiently aware of the risks, as a result - they produce vulnerable devices that often cannot be updated.
Creating additional protection for smart devices is quite difficult. Due to the wide variety of devices, security vendors need to develop a solution for each platform. In addition, the resources of an IoT device are limited, they are already configured to perform a specific task, and an additional security add-on can reduce the performance of the device. Therefore, the current state of IoT device security is more like a “do-it-yourself” than a professional level, since today there is simply no available base to provide complete protection.
Attackers use smart devices to create botnets to then launch powerful cyberattacks, such as DDoS attacks. Simultaneous requests to a server from multiple devices make legitimate connections impossible. For the user of the infected device, DDoS attacks easily go unnoticed because they run in the background. However, they can cause huge damage to companies, as was the case with the provider Dyn, which served many large sites such as Twitter and Reddit.
Just a few months after the Dyn DDoS attack, German france mobile database company Deutsche Telekom suffered a similar attack. Attackers used the routers of 1.25 million users, cutting off their internet connection for several hours.
Solving the problem of IoT device security
The market dictates its own rules, and manufacturers are forced to release gadgets quickly and at a low price. And they either do not prioritize security or are not sufficiently aware of the risks, as a result - they produce vulnerable devices that often cannot be updated.
Creating additional protection for smart devices is quite difficult. Due to the wide variety of devices, security vendors need to develop a solution for each platform. In addition, the resources of an IoT device are limited, they are already configured to perform a specific task, and an additional security add-on can reduce the performance of the device. Therefore, the current state of IoT device security is more like a “do-it-yourself” than a professional level, since today there is simply no available base to provide complete protection.