Technology
Products
Blog
Resources
Company
English
Technology
Self-Learning AI
Autonomous Response
Intelligence Augmentation
Products
Enterprise Immune System
Industrial Immune System
Darktrace Antigena
Cyber AI Analyst
Darktrace for Cloud
Darktrace for SaaS
Darktrace for Email
Darktrace for Network
Darktrace for Microsoft
Darktrace for Ransomware
Integrations
Resources
Darktrace Events
Industry Events
On-Demand Events
Industries
White Papers
Data Sheets
Case Studies
Video Features
Industry Analyst Reports
Company
Company Overview
Investors
In the News
Press Releases
Darktrace Community
Darktrace Education
Awards
Partners
Executive Team
Subject Matter Experts
Board of Directors
Advisory Council
Science and Technology Committee
Careers
Contact
Deutsch
English
Español
Français
Italiano
Português
日本語
한국어
Technology
Products
Blog
Resources
Company
Darktrace Blog

The Internet of Stranger Things

Dave Palmer, Director of Technology | Monday December 5, 2016

To take down DNS provider Dyn, hackers exploited critical vulnerabilities in the Internet of Things. Vital internet services crashed, including Twitter, Amazon, and Netflix. Experts now suggest that amateurs may have been behind the attack. This begs the question — if amateurs can use IoT to wreak havoc, how will more sophisticated attackers proceed?

As IoT devices become increasingly prevalent — and as ransomware has skyrocketed by 259 percent in just five months — criminals will start to look at essential business equipment as a viable target. Healthcare machines like insulin pumps and MRIs are now network-connected, as are Boeing 787s, oilfield sensors, wind turbines, quality control machines, and more.

By taking control of essential equipment, a criminal can bring business to a grinding halt, either demanding payment to regain access, or sabotaging the equipment beyond repair.

But IoT attacks also don’t have to be so obvious. Once a criminal has control of a network device, they can subtly alter its data. For instance, by changing results obtained from a drilling company’s sensors, a criminal can trick them into mining a depleted area.

This represents a far more insidious kind of attack. With critical equipment under their control, a criminal can quietly tweak bank account numbers, medical results, or blueprints. Just a small change can prove catastrophic, and given the ubiquitous nature of IoT devices, every industry is vulnerable. Worse still, you may not realize until it’s too late.

By comparison, the Dyn attack seems rather crude.

To be sure, the DDoS attack on Dyn was eye-opening. In the course of a day, we learned the ease with which lackluster IoT security can be exploited for massive cyber-attacks. In this instance, the attacker created a Mirai botnet using home devices to overload the Dyn servers with attack traffic reported to be as high as 1.2 Tbps.

But the Dyn attack is just the beginning. Whether through a subtle attack or an aggressive ransomware extortion, modern businesses are facing substantial new threats because of the IoT. Our security approach needs to reflect this new reality. Fortunately, self-learning immune systems are here, and they can automatically adapt to protect even the newest technologies within our digital ecosystems.

For more on the future of IoT security, sign up for my webinar to learn how cyber-attacks will soon be powered by AI.

Dave Palmer

Dave is the Chief Product Officer at Darktrace, overseeing the mathematics and engineering teams and project strategies. With over 13 years’ experience at the forefront of government intelligence operations, Dave has worked across UK intelligence agencies GCHQ and MI5, where he was responsible for delivering mission-critical infrastructure services, including replacing and securing entire global networks, the development of operational internet capabilities and the management of critical disaster recovery incidents. He acts as an advisor to cyber security start-ups and growth-stage companies from the UK Government’s Cyber Security Accelerator and CyLon. His insights on AI and the future of cyber security are also regularly featured in the UK media. He holds a first-class degree in Computer Science and Software Engineering from the University of Birmingham.

Recent posts

The art of cyber-war
Thursday July 29, 2021
Crypto-botnets moving laterally
Monday July 26, 2021
Data exfiltration in Latin America
Tuesday July 20, 2021
Egregor ransomware: Gone but not forgotten
Thursday July 15, 2021
Minimizing the REvil impact delivered via Kaseya servers
Friday July 9, 2021
How cyber-attacks take down critical infrastructure
Thursday July 8, 2021
Read more