Client Alert: Internet of Things Vulnerabilities

On Friday, October 21, 2016, there was an unprecedented 'denial of service' attack on the internet infrastructure throughout the United States and Canada.

This event resulted in massive business interruption and the failure of cornerstone internet businesses.

Attackers flooded servers run by Dyn, a DNS provider, with a crippling volume of traffic, rendering it unable to serve legitimate users and forcing offline numerous top websites, including Twitter, Spotify, Netflix, Airbnb, Reddit, The New York Times and the Wall Street Journal. Users throughout the Eastern United States and Canada reported outages of these and other of major sites.

What makes this attack particularly worrisome is that it was driven by the Internet of Things ("IoT") devices. It is currently estimated that there are over 6.4 billion Internet of Things devices, and these are computational devices as diverse as logistical tracking systems for the trucking industry to home automation systems, Fitbits, smart TVs and surveillance cameras.

It appears that a large amount of the malicious traffic came from devices within the Mirai botnet, a malicious system which attacks ordinary IoT devices such as surveillance cameras and home routers, and uses them to engage in these malicious attacks. Hundreds of thousands of people around the world were unaware that they were participating, via their home network appliances, in one of the largest 'denial of service' attacks in history.

This attack comes just weeks after similar exploits were unleashed on French hosting company OVH and a leading information security journalist, Brian Krebs. These attacks highlight gaping holes in IoT security and underscore the urgent need for device manufacturers, internet companies and users to address these issues.

Duff & Phelps’ team of investigators, subject matter experts and technologists are available to discuss these and other issues related to IoT including policy, best practices, corporate risks and other emerging issues.

Client Alert: Internet of Things Vulnerabilities 2016-10-23T00:00:00.0000000 /insights/publications/litigation-and-disputes/client-alert-internet-of-things-vulnerabilities publication {C8894F56-FF6C-4DEA-AB91-58D66A7F0624} {AB22E3A7-0FD2-43A7-91E0-C3590E9141B9} {65BD25EA-3D1A-481C-92B9-42F193B603A0} {871EB752-F3E8-4991-AA79-545153989F0D}

Related Services

Duff & Phelps Disputes

Governance, Risk, Investigations and Disputes

Combined Duff & Phelps and Kroll disputes, investigations, cyber, business intelligence, cross-border restructuring and other advisory.

Governance, Risk, Investigations and Disputes
Duff & Phelps Compliance and Regulatory Consulting

Compliance and Regulatory Consulting

Cybersecurity Services

Cybersecurity support for asset managers.

Cybersecurity Services
Duff & Phelps Disputes

Governance, Risk, Investigations and Disputes

Global Data Risk

Cyber data expert testimony, digital evidence forensics and e-Discovery response.

Global Data Risk

Case Studies

Insights