“Whether it is a router, a WiFi access point or a CCTV camera, default factory credentials are there only to be changed upon installation.”
In the News
As Igal Zeifman, senior digital strategist for Imperva, noted, "The most prevalent trend we saw in Q3 2015 was the unprecedented spike in the number of network and application layer DDoS attacks...."
The malware we found inside them was an ELF binary for ARM named (.btce) a variant of the ELF_BASHLITE (a.k.a. Lightaidra and GayFgt) malware that scans for network devices...
"Incapsula warned about issues last March as it witnessed a 240% increase in botnet activity on its network.”
“Still, old foes have the capacity to surprise, as we were recently reminded, when one of our clients was targeted by repeated HTTP flood attacks. The attack was run of the mill, peaking at 20,000 requests per second (RPS). The surprise came later when, upon combing through the list of attacking IPs, we discovered that some of the botnet devices were located right in our own back yard.”
Young startups and new businesses are affected the most. For them, the consequences of a DDoS attack can be the kiss of death. As such, they are often subjected to extortion attempts by criminals using DDoS for hire services.
While the OpenSSL Heartbleed vulnerability, for example, is more than a year old, most Websites have not taken the necessary step to prevent abuse of compromised digital certificates.
"Assaults against network infrastructures continue to grow in size and duration. Those aimed at applications are both long in duration and likely to be repetitive."