If it seems like your favourite sites have been down more than usual this year, you’re not alone. Late last month, major DDoS attacks left much of the United States unable to connect to any websites. Those attacks were just the latest in a marked increase in attacks across the internet.
A new report from noted content delivery network Akamai reveals that DDoS attacks, the attacks most commonly associated with downed websites, are up 77 per cent over the last year. Many of those attacks aren’t the small DDoS attacks that leave blogs or private torrent sites down, but rather “mega attacks” that consume over 100 Gbps of bandwidth. In fact, while the total number of DDoS attacks occurring between the second and third quarter of 2016 decreased by eight per cent, the crippling mega attacks increased by 58 per cent. (For reference, the average DDoS attack that can leave your favourite site devastated rarely reaches 1 Gbps.)
Akamai places the blame on large Internet of Things botnets, like the Mirai botnet that wiped out Twitter along the entire US eastern seaboard in October. Mirai is so devastating because it focuses on vulnerable and ubiquitous hardware, like DVRs, routers and IP security cameras. These devices have all become increasingly popular over the last five years, but the security they employ is simply too sparse and, as Akamai says in its report, lacking in “basic hygiene”. That leaves them a ripe target for hackers, who can infect them easily and deploy them en masse for gigantic attacks.
To keep your network clean and the internet at large running smoothly, be sure to regularly change the passwords on any device that connects to the internet and turn on the firewalls that come on most routers. This will mitigate botnet infections, but it won’t necessarily stop them altogether. Stopping the threat will take significant effort on the part of manufacturers of IoT devices. You can expect to see more outages as long as manufacturers continue to ship out unsecure IoT gear, while also failing to update and improve security on the millions devices already in the wild.