Last week, news broke of a recent DDOS attack using IPs belonging to CCTV cameras. The story, which originated on the Incapsula blog, describes a botnet including approximately 900 CCTV cameras – some of which were located nearby the Incapsula offices.
As Incapsula emphasizes in their blog post, this attack isn’t terribly surprising or uncommon, as internet connected devices have risen in prevalence in recent years. Furthermore, these devices are often out of focus when it comes to security measures. Case in point: many of the devices used in this attack were easy to access because they were still using factory-default passwords.
That said, this attack could most certainly have been prevented and Advanced Ip Filtering could have been useful. In the case of this attack, the cameras had a vulnerability which allowed the attacker to use them as an attack platform from many global locations. If Advanced Ip filtering were in place, it would have triggered a simple alert, which would have protected against the problem, likely without victims or customers knowing the difference.
Attempting to prevent this type of attack on a less-advanced firewall would have resulted in the port and web server being shut down for self-preservation, while Advanced Ip Filtering would have surgically removed the offending IP addresses without disrupting the web server. Furthermore, it would have recognized the country locations of those breached IP addresses, limiting access to the service from the country origin in the first place.
As our society becomes increasingly more dependent on internet connectivity to function, Advanced Ip filtering will play an important role in the future of threat protection. What is your experience with protecting the Internet of Things? Share your comment below. {{cta(‘99392c08-d880-4c02-8ce3-4d7ceec4de14′,’justifyright’)}}