Understanding IoT Vulnerabilities: DoS or How Hackers Can Cut Your Access to Devices or Services

Cyber attacks that aim to steal valuable information from a system require stealth to stay under the radar for as long as possible. Denial-of-service attacks are different – their noisy effects are impossible to miss, even though their origin may be unclear.

Denial-of-service (DoS) strikes are almost as old as the internet. As their name indicates, they result in an inability to access a device or the resources it offers. Hackers have several ways to launch a DoS assault, but the most common ones consist of bombarding a system with massive amounts of useless data to fill up the target’s available network bandwidth or its processing capacity. In either case, the overload prevents authorized users from accessing the service. Servers – machines that are part of an infrastructure tasked with providing online services for public or private customers – are regular targets.

A simplistic comparison would be a bartender receiving so many requests for a particular drink that he runs out of ingredients for it. As for overwhelming the processing capacity, the analogy would have the bartender busy making several complicated cocktails; other clients would have to wait for the bartender to finish the mixes before tending to their needs.

Internet of Things devices on a home network, are also susceptible to denial of service, and triggering this condition typically causes the devices to stop functioning, temporarily or indefinitely. The method is different, though, and involves exploiting a vulnerability that makes the system crash or become corrupted. This is similar to someone spilling water over your phone – you then have to wait for it to dry out.

IoT can be the source of attacks, in what is known as distributed denial of service (DDoS), where the target system receives an overwhelming number of requests from multiple sources – usually compromised devices. Cyber-criminals rely more and more on smart things to launch DDoS attacks because most of these devices are easy to hack and are plentiful across the globe.

Learning about vulnerabilities present in home devices and mitigating the risks they pose to the network can be automated with both software and hardware security products. Bitdefender’s informative alternative for security flaws in connected gadgets is Home Scanner; keeping the network secure requires the processing capabilities present in Bitdefender Box, a discrete security appliance built for scanning traffic and stopping connections to malicious addresses.