Today’s mobile device usage and online viewing of entertainment are just the tip of the internet traffic iceberg. The Internet of Things is also expanding dramatically.
Connected devices already outnumber people on Earth two-to-one, and their number could increase to 50 billion by 2020. Within a few years, 90% of the cars on the road will be online. The popularity of domestic devices — Nest thermostats, Philips Hue lights, smart appliances — guarantees that our homes will be as connected as our cars.
On the industrial side, sensor-equipped jet engines, locomotives, and wind farms maximize performance and optimize maintenance — and that’s all by GE. Buildings, transportation, and energy delivery are all getting smarter by capturing and analyzing vast quantities of data in real time.
To realize IoT’s potential for our businesses, our cities, and ourselves, internet services must scale more dramatically and more rapidly than ever before.
Industrial sensors and local processing devices are commonly produced with security safeguards and are reprogrammable to counter new threats. Many consumer devices — phones, DVRs, home routers, internet-enabled appliances — are not. Yet they may contain powerful processors and access substantial bandwidth. They can be attacked in two ways:
In August of 2016, Akamai detected and began issuing warnings about what became the best-known, largest scale, and widely felt botnet to date. The Mirai botnet consisted of devices such as IP cameras and DVRs that have easily discoverable default usernames and passwords. At the height of its attacks, it had several hundred thousand devices participating and together generating 623 Gigabits per second of traffic swamping its target sites.
With the projected increase in connected devices plus the rapid growth of bandwidth in the “last mile” — where the devices connect to homes and businesses — we can expect future botnet attacks that make Mirai look small.
Standards for the security engineering and automated reprogramming of IoT devices could improve the threat landscape in the long term. But today there are few market incentives to create devices with strong security. Many types of IoT appliances were never meant to be updated and so require recall or replacement to combat newly discovered vulnerabilities. And a growing number of installed IoT devices are no longer supported by their manufacturers, or their manufacturers are out of business. For the foreseeable future, defensive security must aggressively scale up and become more intelligent.
Akamai is already making major investments to prepare for a world where terabit-per-second attacks may be common. Its cloud platform is continuously scaled to maintain 3-5x available capacity over the largest known DDoS attack. It has visibility into 50 million web application attacks and hundreds of DDoS attacks weekly, and its threat intelligence stays on top of vulnerabilities, evolving attack vectors, zero-day attacks, DDoS-for-hire, and threats from IoT-fueled botnets.
More than 6,000 of the world’s largest online properties trust Akamai to keep websites, data centers, applications, and data secure.
To keep up to date with developments on the Internet, see the latest edition of Akamai’s State of the Internet Report.