Some malware incidents will go down in history. The IT industry remembers 2006, for example, as the year of Stuxnet, an infamous worm that drew public attention to the insecurity of supervisory control and data acquisition (SCADA) and programmable logic controller (PLC) systems. I’m quite sure that 2016 will be similarly defined as the year of the distributed denial-of-service (DDoS) attack.

A New Breed of DDoS Attack

DDoS isn’t new. In fact, it has been a common cybercriminal tool for decades. And although this type of attack took down many popular websites in 2016, that’s not why DDoS defined the year in cybersecurity. Rather, 2016 will go down as the year cybercriminals began incorporating the Internet of Things (IoT) into DDoS campaigns on a wide scale.

This new breed of malware is designed to infect millions of IoT-connected devices — not to damage them directly, but to create massive botnets through phishing campaigns, ransomware and other ploys. These botnets facilitated many high-profile attacks that knocked out several prominent websites this past year. The method is not entirely new, but the scale and success of these campaigns are quite impressive.

DDoS Best Practices for 2017

Let’s look at it from the perspective of the owner of a device used to facilitate a DDoS attack. All kinds of connected devices, from cameras, smartphones and sensors to refrigerators, light fixtures and washing machines, are fair game. Many enterprises have proper mobile security controls in place to protect their devices, but regular users, in general, are not as well-prepared. When shopping for a refrigerator, for example, consumers rarely consider what operating system it runs or whether it has a virtual private network (VPN).

It is time for consumers and businesses to change this behavior for 2017. Users should educate themselves about the consequences of DDoS attacks and vendors should be held responsible for building effective security measures into their devices. Increased awareness is the key across the board.

Read the X-Force Research report: Extortion by distributed denial of service attack

more from Advanced Threats

Black Hat 2022 Sneak Peek: How to Build a Threat Hunting Program

You may recall my previous blog post about how our X-Force veteran threat hunter Neil Wyler (a.k.a “Grifter”) discovered nation-state attackers exfiltrating unencrypted, personally identifiable information (PII) from a company’s network, unbeknownst to the security team. The post highlighted why threat hunting should be a baseline activity in any environment. Before you can embark on a threat hunting exercise, however,…

World’s Largest Darknet Market Shut Down, $25 Million in Bitcoin Seized

On April 5, German authorities announced the takedown of the Hydra marketplace, the world’s largest darknet market trading in illicit drugs, cyberattack tools, forged documents and stolen data. The criminal operation, with about 17 million customer accounts, raked in billions in bitcoin before getting shut down. On its website, the Federal Criminal Police Office (BKA) stated it had secured and…