From connected vehicles and vending machines to smart meters and wearables. The Internet of (connected) things (IoT) is promising to change our daily life as we know it, making it easier, better and more efficient. The recent massive Distributed Denial of Service (DDoS) attack, however, disrupted some of the most popular Internet services like Twitter and AirBnB. Carried out using an army of IoT botnets, the attack raised alarm bells with service providers. It proved that besides the smart and cool experiences IoT devices can deliver, there is a big security risk that cannot be overlooked.
I was abroad this week when Brazilian court has ordered mobile operators in the country to block WhatsApp for 72 hours due to a dispute over access to encrypted data (the decision was reversed and service restored a day later). WhatsApp refused to turn over chat records related to a drug investigation to the courts, claiming these records are not accessible following the newly implemented end-to-end encryption capabilities.
Many organizations, including financial institutions, gaming companies, telecom networks and other enterprises, experience DDoS attacks even though they are equipped with a Firewall and IPS. Ironically, during a DDoS attack these security functions are likely to become the weakest link of the entire network security.