Sign In

Communications of the ACM

ACM TechNews

Massive Cyberattack Poses Policy Dilemma, Stanford Scholar Says

View as: Print Mobile App Share:
Stanford University senior research scholar Herbert Lin.

Stanford University senior research scholar Herbert Lin says Internet of Things devices need at least minimal security measures to prevent a recurrence of last week's denial-of-service attack.

Credit: Rod Searcey

Last week's cyberattack that affected several prominent websites reveals weaknesses in the Internet of Things (IoT) that need to be addressed, according to Stanford University researcher Herbert Lin.

However, Lin says stricter security requirements could slow innovation, cost more, and be difficult to enforce.

The U.S. Federal Bureau of Investigation and the Department of Homeland Security probed the distributed denial-of-service (DDoS) attack that targeted Dyn, an Internet service provider that operates much of the Internet's infrastructure. The DDoS attack flooded Dyn's servers with millions of phony requests from sources for service to go to those websites. Being forced to process all of the fake requests, Dyn could not service real people trying to use websites.

Investigators believe the millions of sources making the fake requests were part of the IoT. The Internet-connected devices, which include security cameras, baby monitors, and home routers, are especially vulnerable because they are small, do not have much computational power, and normally do not include security features.

In order to prevent similar attacks in the future, Lin says there needs to be a policy that encourages, or even mandates, at least minimal security measures for IoT devices.

From Stanford News
View Full Article


Abstracts Copyright © 2016 Information Inc., Bethesda, Maryland, USA


No entries found