It is not only up to the big companies to help prevent DDoS attacks, every individual can take simple actions to make our devices less susceptible to being taken over by a botnet. DDoS attacks rely upon a network of infected devices to create the huge amounts of traffic necessary to overload systems. If attackers were less able to turn devices into bots in the first place, there would be far fewer DDoS attacks worldwide.
This is particularly the case with Internet of Things (IoT) devices, which often have less in-built security. Intel predicts that the ecosystem of IoT devices will grow to 200 billion worldwide. Smart devices are connected to larger networks, so if an attacker gets onto your IoT device, they can often then connect to your larger network in addition to turning them into bots to launch wider DDoS attacks.
Five things that you can do to protect your devices from becoming bots:
- Create Strong Passwords for All your Devices – This is especially important with devices you don’t interact with regularly, such as IoT devices, such as routers or which often come with a default.
- Be Cautious of Phishing Scams in Social Media as Well as in Emails – In mid-2016, a bot posing as a friend on Facebook reportedly tricked approx. 10,000 users into installing malware. The infection spread quickly by mimicking Facebook’s notifications feature inside Facebook Messenger. Targets received a message “from a friend”, which said the friend had mentioned them on Facebook. On clicking the link, instead of taking users to a Facebook post as expected, it installed a Trojan with a Chrome extension that automatically hijacked the victim’s Facebook account. According to Kaspersky Labs, “A successful attack gave the threat actor the ability to change privacy settings, extract data, and more, allowing it to spread the infection through the victim’s Facebook friends or undertake other malicious activity such as spam, identity theft, and generating fraudulent ‘likes’ and ‘shares’”.
- Update Your Devices – Companies often offer patches for you to update your software, removing known vulnerabilities and in doing so, greatly strengthening your defences. Unlike in companies, there is no IT team to take care of the upkeep of a smart device once it is bought, so it’s important to continue to do this across a product’s shelf-life.
- Run Anti-Virus Scans – Use anti-virus software on your smart phone or other devices, and other security tools, which help identify and remove malicious software. They may seem like an inconvenience, but if set up from the outset, can reduce unnecessary trouble later.
- Monitor Your Devices – If a device is acting in an unusual way, look more closely; for instance if email addresses are not reaching destinations you normally have no trouble with, your device could be infected and be sending spam as part of a botnet.