188.8.131.52 Lab – Evaluate Recent IoT Attacks (Instructor Version)
- Part 1: Research Recent IoT Attacks
- Part 2: Describe Mitigation Techniques
Background / Scenario
As the number of IoT devices continues to grow at an exponential rate, so does the number of attacks on these devices. A wide variety of attacks on IoT devices have been documented and reported in the news.
As an IT professional working with IoT devices, it is important to be aware of the wide range of attacks and vulnerabilities that have occurred on these devices. It is also important to know how to defend against and minimize the damage from these types of attacks.
- PC or mobile device with Internet access
Part 1: Research Recent IoT Attacks
In this part of the lab, you will research and describe three different types of IoT attacks using the following steps:
a. Launch your favorite web browser and go to your favorite search engine, such as Google.com.
What key terms will you use to search for recent IoT-related security attacks?
b. Go through the results and find the most interesting attacks that have occurred within the last 5 years.
c. Choose three different types of attacks to document in this lab.
d. Describe the attacks in detail. Make sure you answer the following questions:
1) What was the name or type of attack?
2) What was targeted?
3) Who was affected?
4) How did the attack occur? Describe the details of what happened.
5) What is the source of your information? Include the URL.
DDoS attack on DNS provider Dyn.
Cyber attack that knocked out major websites such as Twitter, GitHub, Spotify, and Shopify.
The Mirai botnet targets poorly protected IoT connected devices and uses them to launch DDoS attacks against specific targets. A Chinese electronics manufacturer admitted that its products inadvertently contributed to this attack. In this particular attack, the Mirai botnet attacked DVRs and IP cameras made by a Chinese electronics manufacturer.
Part 2: Describe Mitigation Techniques
In this part of the lab, you will reflect on how each of these attacks could be mitigated. For example, you might research and answer the following questions:
- Could this attack have been prevented?
- Can it be defended against?
- What measures need to be implemented in order to mitigate these attacks or minimize the impact?
- What other information about the attack should be described?
The attack described in the URL below was a DDoS attack that targeted vulnerable IoT devices. A DDoS attack can be mitigated by ISPs who try to block malicious traffic. However, if the packets are not blocked by the ISP, a targeted company can block the packets from entering its network, but it is likely that its bandwidth will be consumed by the attack. It is also very difficult to block the packets since they are coming from different IP addresses, and it is possible that legitimate traffic could also be blocked. This particular DDoS attack could have been prevented if IoT device manufacturers did a better job of securing their devices. If machines or devices couldn't be infected with botnet viruses, then these types of attacks wouldn't happen in the first place.
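The blocking trade-off described in the answer above can be measured on a small model. This is an added example, not part of the original lab: the traffic window, the address ranges, the request rates and the function names are all constructed for illustration.

```python
# Constructed model of one second of traffic reaching a targeted service.
# Bots each send a modest rate, so no single source stands out from real users.

def build_window(bots=500, bot_rate=20, users=50, user_rates=(5, 15, 40)):
    """Return {src_ip: (requests_in_window, is_bot)} with constructed addresses."""
    window = {}
    for i in range(bots):
        window[f"10.{i // 250}.{i % 250}.1"] = (bot_rate, True)
    for i in range(users):
        # 192.0.2.0/24 is a documentation range; rates cycle light/medium/heavy.
        window[f"192.0.2.{i + 1}"] = (user_rates[i % len(user_rates)], False)
    return window

def per_source_filter(window, limit):
    """Block every source whose request count exceeds `limit`."""
    return {ip for ip, (reqs, _) in window.items() if reqs > limit}

def evaluate(window, blocked):
    """Return (attack requests still admitted, legitimate sources blocked)."""
    attack_passed = sum(
        reqs for ip, (reqs, bot) in window.items() if bot and ip not in blocked
    )
    legit_blocked = sum(
        1 for ip, (_, bot) in window.items() if not bot and ip in blocked
    )
    return attack_passed, legit_blocked

def sweep(window, limits=(50, 30, 19, 10)):
    """Evaluate the per-source filter at several thresholds."""
    return {
        limit: evaluate(window, per_source_filter(window, limit))
        for limit in limits
    }

if __name__ == "__main__":
    for limit, (attack, legit) in sweep(build_window()).items():
        print(f"limit={limit:>2}/s  attack requests admitted={attack:>5}  "
              f"legitimate sources blocked={legit}")
```

Because each bot's rate falls inside the range of normal user rates, every threshold that stops the attack also blocks some legitimate sources, and every threshold that spares all users lets the whole attack through.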