death of the internet

The Internet is Officially Dead!

death of the internetAnd what killed the internet? The Internet Of Things. I may be exaggerating a bit as the Internet isn’t truly dead, but there are forces at work that may significantly affect our use of the internet -and not in a good way- and those forces are items you most likely have in your home right now; refrigerators, TVs, security cameras, HVAC systems, and more.

What’s an IoT?

In its simplest form the Internet of Things, or IoT, is a network of internet connected devices, or appliances, and while “things” seems a bit casual for such a description it stems from the vast variety of these devices. Any device that connects to the internet is an IoT device and some may not be apparent. You see, in the last several years manufacturers saw the benefits available by adding internet connectivity to their appliances and devices, even if that benefit was mostly in marketing the product. CEOs said, “Let’s add internet to our TVs.” Appliance companies added internet connectivity to refrigerators, thermostats, security cameras, and just about anything else they thought the consumer would buy more of if they added the term “internet connected” somewhere on the box. How does a manufacturer add internet connectivity to a product? By adding a computer. That’s right folks, many TVs, cars, radios, security systems, cameras, and even refrigerators have computers inside that can connect to the internet!

People bought these items in droves. They enjoy NetFlix movies on their TV. They feel warm and fuzzy when receiving a text message from their refrigerator letting them know they need a gallon of milk and a dozen eggs. They feel confident locking their front door or checking the status of their garage from their smart phone. They feel secure knowing they can see video from their front door on their phone.

What is a DDOS?

The internet is a wonderful and powerful tool for humans providing benefits we could only dream of 20 years ago. The internet is much like a big shiny city where anyone can go anywhere and do anything, but like any city, there are dark alleys and shady individuals who will take advantage of any opportunity for their own benefit. Readers of DCT, like yourself, know they must protect themselves and their computers while on the internet by following safe practices, updating often, and using Antivirus software along with a little common sense.

One of those internet dark alleys is named DDOS, or Distributed Denial of Service attack, in which a number of compromised computers and their internet connection are used as a group to bring down a website. During a DDOS attack the compromised computers are instructed to bombard the target with junk data that overwhelms the site’s ability to respond and during an attack the site or network is completely inaccessible to the general public. Think of it like 100 cars trying to park in your driveway at the same time. Past DDOS targets have included the Playstation network, Xbox Live network, and multiple government websites.

In common cat and mouse fashion the bad guys come up with an attack and the good guys find a way to circumvent it. Lather. Rinse. Repeat. In the case of DDOS’s there are companies that specialize in mitigating the affects of the attack by using specially designed networks and one of the most well respected is Akamai.

ATTACK of the IoT!

krebs ddosOn September 23rd our good friend Brian Kreb’s website, krebsonsecurity.com, became the subject of a large scale DDOS attack. An attack of such levels that it overwhelmed the resources of Akamai. Reports suggest the bandwidth of this attach approached 620 gigabits per second, which is a new record for this type of attack. Think about that for a moment. 620 gigabits per second is the approximate total bandwidth of 12500 normal 50 megabit internet connections or 620 large businesses. Previous attacks, such as the Spamhaus attack in 2013, had approached 300 Gbps and were thought to be “internet threatening” at the time, so 620 Gbps is concerning.

So what is the root of a previously unheard of 620 gbps DDOS attack? A nation state? Nope. A refrigerator? Possibly. In this case it was IOT devices. That’s right, TVs, refrigerators, webcams, and routers were being used to attack a website at previously unheard of levels.

The IoT problem

It’s hard to fathom these devices doing harm, but there are several underlying issues that you should be aware of that make this possible:

  1. Most consumers don’t understand how these devices work or the security implications associated with them.
  2. The devices are usually inexpensive and not much consideration is given to security.
  3. Firmware often isn’t updated if security holes are discovered, especially on older products
  4. Manufacturers need to release newer models for income and older models are not supported.

The number of IoT devices being sold is staggering and criminals along with foreign governments are watching. They know that IoT devices are soft targets often connected to the internet with little forethought and often shipped with software bugs that will likely never be patched.  According to Symantec, malware targeting IoT devices is rising at an alarming rate.

What to do?

I don’t really have an answer, but I do have a few suggestions you should consider before you buy or use an IoT device:

  1. Do you really need the device connected to the internet?
  2. Change any default passwords immediately.
  3. Ask what information the device collects and who it is shared with.
  4. Ask how long the manufacturer will support the device.
  5. Ask what websites and services the device needs to connect to.
  6. If you are tech savvy, configure your network to limit the IoT device connections to only those websites and services required.

So, who has an internet-connected refrigerator? Let me know below!

5 thoughts on “The Internet is Officially Dead!”

  1. David,

    To the ordinary user this will mean nothing until crisis time. To the companies that are so profit driven that they refuse to listen to their tech support, it will be some other person’s fault when the system come tumbling down around them. Even if my devise(s) could connect to the Internet, I would think twice before allowing them to do so. First of all, if I am going to spend hard earned dollars on an appliance, I want it to work as the appliance. Connecting to the Internet for some additional control would be not important.

    I see this pending crisis as an opportunity. It is now time for a company to re-invent the Internet with better controls and safety in mind. Maybe someone already has and it is being kept secret and only offered to those companies who are really safety conscious. The evidence goes against this as so many BIG companies are still being hurt. Governments and institutions too.

    The Internet, as it stands, cannot be the best way to communicate across the existing infrastructure. So smart individual stands to become an instant hero (and rich) if they can sidestep this current problem by inventing a NEW Internet.

    Tom

  2. Forget refrigerators, my new Microwave and stove both sync using Bluetooth for fans, light and time, and both can be controlled by a smartphone to turn on, off, burner temp, stove temp and time, and cooking almost anything. I engaged the Bluetooth since someone would have to be at my house to mess with, but not the wifi yet. As Dave says it could be freely to come home and find your stove oven and all five burners going at max temp, and a microwave running dry. Another fault with programming the items is if you are cooking and power goes out, you have to wait around till it comes back on, otherwise my stove will start up the oven or burner that I had on. And without power th4re is no way to turn off the digital controls except to pull stove out and unplug it. Isn’t life great in the digital world?

Comments are closed.

Scroll to Top