Ce diaporama a bien été signalé.
Nous utilisons votre profil LinkedIn et vos données d’activité pour vous proposer des publicités personnalisées et pertinentes. Vous pouvez changer vos préférences de publicités à tout moment.

How IoT Is Breaking The Internet

127 vues

Publié le

Slide deck from the IAE-NYC Meetup on November 16th at Rise NYC.

Publié dans : Internet
  • Soyez le premier à commenter

  • Soyez le premier à aimer ceci

How IoT Is Breaking The Internet

  1. 1. Intelligent DNS & Traffic ManagementIntelligent DNS & Traffic Management November 16th, 2016 Carl Levine | Senior Technical Evangelist How IoT is Breaking The Internet
  2. 2. INTRODUCTION.
  3. 3. Precision control over Internet Traffic At NS1, we push the boundaries of DNS and traffic management to improve application performance and deliver an exceptional user experience. We’re engineers and we love automation and seamless integrations in our stack. We’ve built NS1 for engineers who are building applications at scale, where automation is critical.
  4. 4. Eat, Breathe, Sleep DNS Senior Technical Evangelist at NS1 New Hampshire native (1 wife, 3 dogs, 2 cats, umpteen chickens) @stuffcarlsays on Twitter
  5. 5. CONTEXT.
  6. 6. What is the Internet of Things? Everyday things in our lives are becoming instrumented with technology to allow us to connect and interact with them in ways never imagined before. Peace of mind, convenience, energy savings, and countless other advantages are gained by connecting everyday things to the Internet, leveraging a wider pool of data to ultimately improve our quality of life. By 2020, it’s estimated that there will be 20 billion IoT devices in the wild.
  7. 7. What is the Domain Name System? At the core of today’s Internet is a hierarchical database that maps names to IP addresses – this is the Domain Name System. example.com Recursive Server Root Server .com TLD Server Authoritative Server
  8. 8. What is a Denial Of Service Attack? Cyber attack where a connected resource is temporarily or indefinitely made unavailable. Typically executed by sending superfluous queries to a specific resource in an effort to inhibit normal operation. Bandwidth Provider Data Center Legitimate Traffic Superfluous Traffic
  9. 9. How does a DDoS affect DNS resolution? When a DDoS is hatched against an authoritative DNS provider, the outcomes can be far more devastating to a greater number of users. The ability to return pertinent information about a domain is compromised, and users are left with either inordinate amounts of latency or worse, no resolution at all. example.com Recursive Server Root Server .com TLD Server Authoritative Server
  10. 10. What is a botnet? A botnet is a network of remotely controlled clients, armed with a malicious software package that serves to initiate and fuel distributed denial of service attacks.
  11. 11. IN PRACTICE.
  12. 12. How do DDoS attacks take advantage of IoT? As we explored earlier, everyday things in our lives are getting instrumented with connectivity. If all of these devices were to become compromised, act like a botnet… what could happen? This is no longer a question of if, because it happened not once or twice… thrice in recent times.
  13. 13. How do DDoS attacks take advantage of IoT? The Mirai malware that was installed into unprotected IoT devices has hatched several small scale attacks and three major events in recent history. Bandwidth Provider Data Center Legitimate Traffic
  14. 14. Mirai Round 1. Amplification Attack against krebsonsecurity.com’s infrastructure. Began around 8pm Eastern, September 20th Website was unavailable .62 TB/sec
  15. 15. Mirai Round 1. .62 TB/sec x 31,000
  16. 16. Mirai Round 2. Amplification attack against OVH Telekom – German ISP Multiple attacks exceeding 100 Gbps simultaneously concurring at 1 Tbps DDoS attack. ~1 TB/sec
  17. 17. ~1 TB/sec $ dig cpsc.gov ANY
  18. 18. Mirai Round 2. ~1 TB/sec x 50,000
  19. 19. Mirai Round 3. Multi-factored attack against Dyn, Friday October 21, 2016 from approximately 11:10 UTC to 13:20 UTC and then again from 15:50 UTC until 17:00 UTC Affected many major web properties with severe latency or unavailability 1.2 TB/sec
  20. 20. 1.2 TB/sec Mirai Round 3. Impacted Dyn’s direct customers who leverage their authoritative DNS service. Impacted users of services who leverage Dyn’s authoritative DNS service. One of the biggest DDoS attacks in the history of the Internet
  21. 21. 1.2 TB/sec Mirai Round 3. x 60,000
  22. 22. What if these attacks were aimed at the root name servers? Cascading DNS failures would run rampant. Worst case scenario. Thankfully, the root name server architecture is much more distributed, and there are measures in place to deal with this if it did come to pass.
  23. 23. What is the motiviation behind these attacks?
  24. 24. PREVENTION.
  25. 25. What can I do to prevent this as an IoT user? Change default passwords IMMEDIATELY Use a home gateway device such as Cujo (getcujo.com)
  26. 26. What is the industry doing about this? There’s no standards body managing IoT security Discussions are ongoing among operators to find a common ground.
  27. 27. What can I do as an operator to mitigate risk? Redundant DNS Dual DNS DDoS Mitigation
  28. 28. CONCLUSION + Q&A.
  29. 29. Key takeaways for good citizens of the internet. Remain hyper-vigilant around securing your devices Look for redundancy at all layers of the stack Share this knowledge with anyone and everyone
  30. 30. com @nsoneinc

×