Ai Editorial: Assessing exploitation of connected devices for DDoS attacks

First Published on 15th March, 2017

Ai Editorial: DDoS or distributed denial of service are damaging for all e-commerce entities, and IoT-based botnets are only adding to the threat of disruption to services, writes Ai’s Ritesh Gupta

 

Businesses need to gear up for the era of Internet of Things (IoT), make the most of tokenization offering for contextual commerce, realign the flow of work across the business to service customers better…pressure is immense on organizations, including airlines, to evolve and embrace digital disruption.

But an inherent weakness in a technology or devices can result in a cyber assault, and airlines need to be wary of the same.  

A prime example is IoT continuously being exploited and used in cyber criminal activity. It is important to assess how to counter concerns such as IoT fuelling future DDoS (distributed denial of service - a host of compromised systems launch an assault on one target, thereby triggering denial of service for users of the targeted system) attacks.

This point is being raised as the number of attacks, the severity of such strikes and even the revelation of vulnerabilities can throttle a move towards change. This is not to discourage what an airline needs to do to embrace digital transformation, but rather prepare for any move in a meticulous manner.

Be it for online banking, retail or travel, e-commerce as a sector has to counter such malicious moves.

Relatively easier to hack now

At a time when passengers expect a real-time answer or action on their feedback, what airlines need to be wary of is a break in any of the touchpoints and tighten their security.

The more devices an airline connects to the Internet, the more exposed this carrier would be to potential attacks.

It is being highlighted that the technical proficiency needed to perform cyber attacks is on the decline. Malware and services such as DDoS are easily acquired on the dark web. Other than DDoS, ransomware on connected watches, fitness trackers and TVs is expected to pose another challenge.

In their recently released report, National Cyber Security Centre (NCSC), the national technical authority for cyber security in the UK, stated that the degree of cyber threat varies from technical skills being “bought” to persistent threats involving custom-built malware designed to compromise specific targets.

Being digital first also means tighter security

If we talk of mobile-first engagement, attacks such as the one reportedly featuring Tesco Bank in the UK (it was reported that either Tesco’s internal systems or their mobile application were breached) put a question mark over the security of mobile apps. There are steps that airlines definitely need to focus on – additional layer of security in the form of biometric recognition or facial recognition, end-to-end encryption, working on mobile app security testing as part of the software development lifecycle etc. As for mobile-related threats, specialists point out organizations need to be wary of elevated permissions to install further malware such as keyloggers which could be used to steal login credentials, SMishing often proving to be more effective than traditional PC phishing campaigns etc.

But even as mobile malware is growing (surely can’t be ignored), it is the IoT that is proving to be a bigger concern. It has expanded the risk to all customer devices becoming compromised or attacked. Poor security practices in connected devices is coming to the fore. With feeble security, IoT devices are resulting in DDoS attacks. Not surprisingly, the list of vulnerable areas now features attacks on building blocks on which the Internet runs.  

For instance, the looming threat from the Mirai botnet. This botnet is being monetized today by cyber criminals for a large DDoS. It scan IP addresses across the internet looking for insecure devices. As per the information available, Mirai, a malware infecting vulnerable, connected devices, scans for 68 user name and password mishmash when attempting to infect and control a connected device.

The emergence of botnets means cyber attacks are only getting sophisticated. If we talk of “threat actors”,  there is this trend of learning from, hiring and working with one another. Akamai recently highlighted that the largest DDoS attack in their network came from Spike, a malware that has been around for over 24 months. This points to the fact that botnet operators take the emergence of Mirai botnet as a challenge, and try to compete and prove more hazardous with their next attack!  

What to consider?

Protecting the disparate components of the IoT ecosystem is vital.

Such devices need to be protected considering that they are operating in a digital environment. Equally important is the security of data transfer featuring the IoT devices and the platform. Data and privacy breaches continue to be on the rise. Also, a secure API platform is must.

Specialists also have been clarifying some of the misconceptions. According to Imperva, a data and application security specialist, even high bandwidth won’t shield a site from concentrated packets-per-second (PPS) and application layer attacks (no amount of bandwidth can guarantee 100 percent uptime), and there in no point in relying on a pre-existing appliance to block an incoming DDoS assault.

E-commerce entities, be it for airlines or online travel agencies, need to look beyond common vulnerabilities such as SQL injections or Local File Inclusions. So be it for working out scalable threat prevention security for any cloud - public, private and hybrid or trained staff or to working out right security architecture as well as documenting all networks with known traffic flows and shielding all disparate components of the IoT ecosystem, a detailed preparation is needed to protect the digital assets.

 

Are you bold enough to survive in the brave new world?  Assess your preparedness at 11th Airline & Travel Payments Summit (ATPS).

Date: 03 May 2017 - 05 May 2017   

Location: Berlin, Germany 

For information, click here

 

Follow Ai on Twitter: @Ai_Connects_Us