Update Date: Nov 05, 2016 07:45 AM EDT
WASHINGTON, DC – JANUARY 16: (L-R) Kevin Charest, chief information security officer for the Health and Human Services Department; Teresa Fryer, chief information security officer and director of the Centers for Medicare and Medicaid Services’ Enterprise Information Security Group, and Frank Baitman, Deputy Assistant Secretary for Information Technology for the Health and Human Services Department, listen during a House Oversight Committee hearing concerning the security of the Healthcare.gov website, in the Rayburn House Office Building on Capitol Hill, January 16, 2014 in Washington, DC. During the hearing, Fryer told the committee she would now recommend full operational and security certification for the Healthcare.gov website. (Photo by Drew Angerer/Getty Images) (Photo : Drew Angerer / Stringer)
A giant distributed denial of service (DDoS) attacked the internet on 21st of October. This affected multiple popular websites which were taken offline for several of hours. This attack was focused upon the entire internet rather than affecting a particular website.
Advertisement
An unidentified person had created a botnet named Marai, and it is made from millions of hacked Internet of Things which may include smart devices like web-enabled cameras and routers which are capable of creating chaos.
Those operating as DDoS subject matter experts had already warned that such attacks are a complete reality. If the IoT manufacturers cared for this worthy advice and might have added even the basic security measures into the technology, the IoT botnets would not have been a reality.
The main reason behind the origin of Marai botnet is because vendors opted to make internet-enabled devices like smart watches.
They also wished to enable internet capabilities to traditional devices like toasters and kettles, but they were unable to secure the products before selling them to the consumers.
Experts advise that for all the current devices internet service providers should block Telnet Port 23 globally.
Same thing was done with SMTP (Port 25) which is a simple protocol for sending emails. This was done because of the spam problem. Consumers couldn’t be trusted using mail services at home because these ports were misconfigured or just openly configured. So it was the decision of over 90% ISPs to block the port.
Advertisement
It is believed that blocking one port will not stop the problem. As per statics many of the vulnerable IoT devices also run very weak web interfaces with TCP port 80 exposed. Blocking TCP port 80 by ISPs simply means that there will be an end of the internet.
This problem will remain unresolved even if few countries stop the trade of venerable IoT because the internet is a global affair and attacks can be launched from anywhere.
Yes for the time being blocking Port 23 can resolve the issue but it is not a permanent solution to this problem.