In October 2016, hackers launched an assault on Dyn, the company that controls much of the world’s DNS infrastructure. The Mirai botnet attack took down huge portions of the internet from Netflix to CNN and resulted in the largest DDoS attack ever. At 100,000 malicious endpoints and two times as powerful as any previous attack, Mirai malware was able to gain access to these huge networks through infecting computers and IoT devices using default passwords. When we are faced with the reality of IoT, it becomes clear that these devices are designed to be convenient, not secure. Default passwords are among the “easy setup” processes that make IoT so appealing. Many devices come with factory preset passwords to make setup fast and simple, but the downside is that these default passwords do not always get reset to more secure passwords once initial setup is complete. The “set it and forget it” is a common mentality when it comes to IoT devices as users don’t always proceed with the same caution as they would with any other connected device. On the small scale it can lead to a vulnerable device in the home, and on the large scale can result in something like the Mirai attack mentioned above.
There is nothing inherently threatening about IoT, but the security dangers continue to linger. Take a look at this infographic on the current state of IoT, its relationship with cybersecurity, and what it means for the future of connected devices and the dangers of IoT.