Yes, it is. The devices often stop working if they can’t call home, and all it takes to break partitioning is for one user to pick something up at Best Buy and plug it into the wall under their desk.
A different VLAN doesn’t mean no internet access, and a single bad device is not the same kind of threat to your network as a several-thousand-strong botnet.
Also, a VLAN dedicated to devices with a whitelisted MAC address (or, if you want to go really nuts, a WPA enterprise cert) means you can reserve capacity to service the devices you’ve provisioned.
When things go bad, having segmented VLANs for centrally-provisioned, BYOD and IOT means you can restore service to core technology quickly, then work to get everything else running smoothly.
The incident is given from that team member’s perspective; he or she suspected something fishy after detecting a sudden big interest in seafood-related domains.
Seriously though, I wonder how much of this could be mitigated if everything ran a (perhaps semi-) bespoke OS instead of one of a handful of embedded operating systems, many of which are just Linux. Or is it the application code that is vulnerable in these cases?
As I understand it a lot of these attack occur because the passwords were never set to anything but a simple default password. See the Mirai Botnet attacks.
It’s almost all application code in these that’s vulnerable. If it was outdated versions of Linux and basic daemons that were vulnerable most websites would be on fire right now.
They had and were in the past. The IOT model is now in the phase that happened in desktops, servers, mobile, and so on. They ignore security completely until the damage adds up enough in the media to force some half-assed action. Increasingly-sophisticated attacks might force more action later. Rinse, repeat.
I can’t wait to see the trend happen with VR appliances if they take off. Might be some Hollywood-style shit possible there. Attackers' theme should be Freddy Krueger. ;)
I’m really worried about stuff like that, I know I’m not the only one worried about all that because there’s this kind of article going on, and so a lot of people (well, at least, tech-literate people) are also worried about it. I think. Anyway, point is: I’m seeing these things popping up on the shelves at Walmart, in increasing numbers and varieties, and in decreasing price (and one assumes, quality).
Thank god I educated my family on the dangers of everything forever.
Is ‘Put your unmanaged devices on their own VLAN’ some kind of difficult voodoo? I should raise my hourly rate…
Yes, it is. The devices often stop working if they can’t call home, and all it takes to break partitioning is for one user to pick something up at Best Buy and plug it into the wall under their desk.
A different VLAN doesn’t mean no internet access, and a single bad device is not the same kind of threat to your network as a several-thousand-strong botnet.
Also, a VLAN dedicated to devices with a whitelisted MAC address (or, if you want to go really nuts, a WPA enterprise cert) means you can reserve capacity to service the devices you’ve provisioned.
When things go bad, having segmented VLANs for centrally-provisioned, BYOD and IOT means you can restore service to core technology quickly, then work to get everything else running smoothly.
Could the IoT devices just want lobste.rs invites?
OT? Impossibru!
No one invent Cylons, please.
Seriously though, I wonder how much of this could be mitigated if everything ran a (perhaps semi-) bespoke OS instead of one of a handful of embedded operating systems, many of which are just Linux. Or is it the application code that is vulnerable in these cases?
As I understand it a lot of these attack occur because the passwords were never set to anything but a simple default password. See the Mirai Botnet attacks.
It’s almost all application code in these that’s vulnerable. If it was outdated versions of Linux and basic daemons that were vulnerable most websites would be on fire right now.
They had and were in the past. The IOT model is now in the phase that happened in desktops, servers, mobile, and so on. They ignore security completely until the damage adds up enough in the media to force some half-assed action. Increasingly-sophisticated attacks might force more action later. Rinse, repeat.
I can’t wait to see the trend happen with VR appliances if they take off. Might be some Hollywood-style shit possible there. Attackers' theme should be Freddy Krueger. ;)
I’m really worried about stuff like that, I know I’m not the only one worried about all that because there’s this kind of article going on, and so a lot of people (well, at least, tech-literate people) are also worried about it. I think. Anyway, point is: I’m seeing these things popping up on the shelves at Walmart, in increasing numbers and varieties, and in decreasing price (and one assumes, quality).
Thank god I educated my family on the dangers of everything forever.