Internet-of-Thing (IoT) botnets are not a new phenomenon. Arbor Networks routinely sees IoT botnets comprised of webcams, DVRs, and set-top boxes used to launch DDoS attacks.
In fact, during a recent international event, Arbor Networks, along with our customers, helped mitigate a sustained, sophisticated 540Gbps attack launched by an IoT botnet. This attack started a month before the event and escalated once it began. And nobody noticed.
The reason is clear to us. The defenders knew they’d have their work cut out for them, and prepared accordingly. The key to DDoS protection is preparation. The more one knows about the Tactics, Techniques and Procedures (TTPs) of their attackers, the more prepared one is to defend themselves when attacked. To assist organizations in their preparation, Arbor’s Security Engineering and Response Team (ASERT) has posted a detailed analysis of the now infamous Mirai botnet including attack vectors and best practices in attack mitigation on their ASERT BLOG. The following is a summary of that Mirai botnet analysis and introduction to Arbor Networks DDoS Protection Solutions