What’s New
Technology
Products
Blogs
Resources
Company
English
Legal
Technology
Self-Learning AI
Autonomous Response
Intelligence Augmentation
Attack Path Modeling
Cyber AI Research Centre
Products
Enterprise Immune System
Industrial Immune System
Darktrace Antigena
Cyber AI Analyst
Darktrace for Cloud
Darktrace for SaaS
Darktrace for Email
Darktrace for Endpoint
Darktrace for Network
Darktrace for OT
Darktrace for Microsoft
Darktrace for Ransomware
Integrations
Blogs
Darktrace Blog
Inside the SOC
Resources
Upcoming Events
On-Demand Events
Industries
Videos
White Papers
Data Sheets
Case Studies
Third-Party Reports
Company
Company Overview
Investors
In the News
Press Releases
Darktrace Community
Darktrace Education
Awards
Partners
Executive Team
Subject Matter Experts
Board of Directors
Advisory Council
Careers
Contact
Deutsch
English
Español
Français
Italiano
Português
日本語
한국어
What’s New
Technology
Products
Blogs
Resources
Company
Darktrace Blog

The Internet of Stranger Things

Dave Palmer, Director of Technology | Monday December 5, 2016

To take down DNS provider Dyn, hackers exploited critical vulnerabilities in the Internet of Things. Vital internet services crashed, including Twitter, Amazon, and Netflix. Experts now suggest that amateurs may have been behind the attack. This begs the question — if amateurs can use IoT to wreak havoc, how will more sophisticated attackers proceed?

As IoT devices become increasingly prevalent — and as ransomware has skyrocketed by 259 percent in just five months — criminals will start to look at essential business equipment as a viable target. Healthcare machines like insulin pumps and MRIs are now network-connected, as are Boeing 787s, oilfield sensors, wind turbines, quality control machines, and more.

By taking control of essential equipment, a criminal can bring business to a grinding halt, either demanding payment to regain access, or sabotaging the equipment beyond repair.

But IoT attacks also don’t have to be so obvious. Once a criminal has control of a network device, they can subtly alter its data. For instance, by changing results obtained from a drilling company’s sensors, a criminal can trick them into mining a depleted area.

This represents a far more insidious kind of attack. With critical equipment under their control, a criminal can quietly tweak bank account numbers, medical results, or blueprints. Just a small change can prove catastrophic, and given the ubiquitous nature of IoT devices, every industry is vulnerable. Worse still, you may not realize until it’s too late.

By comparison, the Dyn attack seems rather crude.

To be sure, the DDoS attack on Dyn was eye-opening. In the course of a day, we learned the ease with which lackluster IoT security can be exploited for massive cyber-attacks. In this instance, the attacker created a Mirai botnet using home devices to overload the Dyn servers with attack traffic reported to be as high as 1.2 Tbps.

But the Dyn attack is just the beginning. Whether through a subtle attack or an aggressive ransomware extortion, modern businesses are facing substantial new threats because of the IoT. Our security approach needs to reflect this new reality. Fortunately, self-learning immune systems are here, and they can automatically adapt to protect even the newest technologies within our digital ecosystems.

For more on the future of IoT security, sign up for my webinar to learn how cyber-attacks will soon be powered by AI.

Dave Palmer

Dave is the Chief Product Officer at Darktrace, overseeing the mathematics and engineering teams and project strategies. With over 13 years’ experience at the forefront of government intelligence operations, Dave has worked across UK intelligence agencies GCHQ and MI5, where he was responsible for delivering mission-critical infrastructure services, including replacing and securing entire global networks, the development of operational internet capabilities and the management of critical disaster recovery incidents. He acts as an advisor to cyber security start-ups and growth-stage companies from the UK Government’s Cyber Security Accelerator and CyLon. His insights on AI and the future of cyber security are also regularly featured in the UK media. He holds a first-class degree in Computer Science and Software Engineering from the University of Birmingham.

Recent posts

Zak Brown on innovation and cyber security at McLaren
Tuesday May 3, 2022
How AI lets Priefert Manufacturing stay productive without sacrificing security
Tuesday April 26, 2022
How Darktrace’s Cyber AI Analyst accelerates reporting incidents to the US federal government
Wednesday April 13, 2022
The journey towards business-wide autonomous security
Wednesday March 30, 2022
Autonomous Response stops a runaway Trickbot intrusion
Wednesday March 23, 2022
Why Lighthouse Global uses Self-Learning AI to shine a light on spear phishing attacks
Thursday March 10, 2022
Read more