A few seconds before Dale Drew of Level3 and Andy Ellis of Akamai took the stage at Structure Security 2016 about a month ago, I whispered my last-minute suggestion for their discussion: “Krebs!” I was referring, of course, to what was considered (at the time) a massive botnet of hijacked Internet of Things devices that took down a site belonging to security journalist Brian Krebs.
What followed during their session was an eerie preview of the Mirai botnet attack on Dyn last Friday that brought the internet to a crawl. That attack, which Dyn said used “10s of millions” of IP cameras and other devices that were easily exploited and harnessed, brought hundreds of sites that used Dyn’s DNS services to their knees.
“When we look at the history of DDoS attacks, we see these harbinger things come up,” Ellis said, referring to a few much smaller but interesting botnet attacks in recent years. Turns out, he was quite right, but the Krebs attack was a preview of the damage that could be caused by such an attack, not the main event.
“I don’t think we’re going to stop the expansion of the internet of things,” Davis said. The problem, as we learned over the weekend, is that some fledgling IoT companies “deploy (a product) before securing it.”
“What’s happened over the last few years, because the largest DDoS attacks weren’t growing, everybody assumed that the age of big DDoS was over,” Ellis said. Clearly, that’s not the case.