DDoS 10-04-2018

NIST’s “Mitigating IoT-Based Distributed Denial of Service” Study

Dean Coclin

The explosive growth of Internet of Things (IoT)-based devices has been a boon for manufacturers and consumers. There seems to be no end to the variety of products we can bring online. You probably never thought and would be connected to the Internet – but they are. However, what starts off as a good thing can quickly turn bad.

Consumer devices come to market quickly and are price sensitive. Cybersecurity-related costs inevitably impact deployment timelines and device prices. Accordingly, manufacturers often skipadding necessary security. This results in poorly secured devices (toys, cameras, monitors, watches, etc.) that can be taken over by hackers. These devices can then be assembled into a “botnet” (a network of remotely controlled devices), becoming a nefarious tool.

The Mirai botnet recently took advantage of weak security in consumer devices, injecting malware and giving the attacker remote control. The attacker then “joined” the devices into one big network and used them to attack other networks by flooding them with packets from the compromised devices.

As a result, NIST’s National Cybersecurity Center of Excellence (NCCoE) has embarked on .The NCCoE aims to “improve the resilience of IoT devices against distributed attacks and expand the service availability characteristics of the Internet by mitigating the propagation of attacks across the network.”

Several companies, such as Cisco, Symantec and CableLabs, are participating in this project. is pleased to provide this mission – and other NCCoE projects currently undergoing research – with digital certificate services. We have a long history of participating in these investigations and recently supported two other NIST projects:and. We plan to continue supporting the NCCoE and its upcoming research.

UP NEXT
PKI

3 Surprising Uses of PKI in Big Companies and How to Ensure They Are all Secure

5 Min

Featured Stories

07-03-2024

What is a CA’s Role in delivering digital trust?

11-11-2024

FIPS 140-3 certification unlocked for TrustCore SDK

10-31-2024

Announcing the GA release of Device Trust Manager