NETSCOUT

Spending on enterprise Internet of Things (IoT) solutions is expected to increase 24 percent this year, reaching a valuation of just under $160 billion. That growth is driven by the top benefits enterprise execs say they glean from IoT, including gaining competitive advantage, creating new business models, and meeting changing customer expectations. Indeed, 60 percent of enterprise executives believe the IoT will play an important role in the digital business strategies of their company.

But the massive influx of IoT devices into enterprise networks creates significant challenges for IT and security. This is especially true for enterprises that also are utilizing edge computing. Edge computing enables enterprises to increase network performance by reducing the need to send captured data from the network periphery back to a central system.

The biggest threat IoT devices pose for edge architecture stems from botnets that harness vulnerable devices for distributed denial-of-service (DDoS) attacks. Two of the most prolific IoT botnets are Gafgyt and Mirai, which accounted for more than half of the total number of DDoS attacks that occurred in 1H 2021. Let’s examine how these attacks impact enterprise IoT devices:

  • Mirai is malware that infects smart devices, turning them into a network of remotely controlled bots that are then used to launch DDoS attacks. In the first half of 2021, more than 180,000 Mirai malware samples were discovered. Mirai makes up nearly two-thirds of all Linux-based malware samples collected during the same time period.
  • Gafgyt is a multi-architecture IoT bot with several similarities to Mirai. Gafgyt has used telnet with default/ factory credentials and exploits to spread to vulnerable IoT devices. Like Mirai, Gafgyt supports several TCP, UDP, and HTTP-based DDoS attacks. Gafgyt is continuously undergoing development with new exploits and credentials.

These IoT-based botnets have been used to launch all types of DDoS attacks and are especially concerning for enterprises that utilize edge computing. Protecting against such attacks means IT and security teams need the ability to look at outbound traffic in order to identify internally compromised devices and indicators of compromise (IOCs).

Likewise, blocking traffic at the network edge requires complete confidence that you’re not blocking legitimate traffic. As such, you need a solution that conducts rapid, highly contextual cyberthreat investigations; automatically blocks inbound DDoS attacks and outbound IOCs; utilizes stateless packet processing technology; and integrates into the existing cybersecurity stack.

To learn more about how IoT devices are impacting edge architecture and what you can do about it, read the new white paper, As Enterprises Increasingly Embrace Edge Computing, Two Use Cases Underscore The Need For Intelligent, Automated Edge Protection, or reach out today to learn more from one of our security experts.

Subscribe to Our Blog

Related Posts