ITNewsAfrica logo

Latest News       Profile      Arbor Networks Website       Contacts       IT News Africa

linkedin   twitter icon   facebook



DDoS mitigation best practice in an IoT world

JOHANNESBURG – November 10, 2017 - The Internet of Things (IoT) is a conversation that has been gathering momentum in the public space for around the past five years or so, even though the concept has been around for a few decades. And yet, in this brand-new world of science fiction coming to life, threats lurk also.

So says Arbor Network’s territory manager for Sub-Saharan Africa, Bryan Hamman. He says, “Obviously, people are excited when they think about the possibilities brought about by a world in which objects can be sensed or controlled remotely across existing network infrastructures. Never mind smartphones – the biggest consumer electronic companies in the world are competing with each other to launch ‘smart fridges’ as just one of an array of connected devices in the home of the future.

“These connected home devices create opportunities for even more integration of the physical world into computer-based systems, and the intention is that they will allow for improved efficiencies and a reduced need for human intervention – think of your smart fridge telling you when you need to throw away your expired milk, for example. At the same time, though, the IoT brings massive opportunities for criminals to use this increasingly connected world for their own commercial gain.”

Hamman notes that while the IoT brings the promise of efficiency and innovation to both homes and businesses, it also significantly expands the threat surface, allowing malware to turn IoT devices into being part of a botnet army - a network of private computers infected with malicious software and controlled as a group without the owners' knowledge.

He says, “A botnet army grows by continuing to spread its malware to new devices. When a botnet army reaches a certain size, it becomes a revenue-generating platform for its creators by launching distributed denial of service (DDoS) attacks on networks. The attacks will be turned off and the network allowed to function normally again, in return for a ransom paid in Bitcoin payments.”

IoT devices are vulnerable to DDoS botnets for a number of reasons. For example, attackers are able to exploit a manufacturer’s re-use of default passwords across device classes. In addition, most IoT devices have access to the Internet without any bandwidth limitations or filtering, while the pared-down operating systems and processing together leave less room for security features – which is why most security compromises go unnoticed.

Hamman says that Arbor advises enterprises, Internet service providers (ISPs) and managed security service providers (MSSPs) to defend against DDoS attacks by implementing best current practices for DDoS defence, as follows:

  • Reducing the network’s surface of vulnerability.
  • Ensuring complete visibility over all network traffic to detect DDoS attacks.
  • Ensuring sufficient DDoS mitigation capacity and capabilities, both on-premise and in the cloud.
  • Having a DDoS defence response plan, which is kept updated and rehearsed on a regular basis.
  • ISP and MSSP network operators should actively participate in the global operational community, so that they can provide assistance when other network operators come under high-volume DDoS attacks, and in turn request mitigation assistance in need.
  • ISP and MSSP network operators should also take into account the baseline load of their normal Internet traffic. This is very important when determining which DDoS defence mechanisms and methodologies to use if under attack.

Hamman concludes, “Today, broadband Internet is become more widely available and more devices are being created with Wi-Fi capabilities and sensors built into them, while smartphones, at least in first world countries, are becoming the norm rather than the exception. This all means that the IoT phenomenon is simply gathering pace, day by day and hour by hour. It is more important than ever to remember that your connected devices are now a part of your network and as such, need the same security considerations to be applied.”

For more information about Arbor in Africa, please contact Bryan Hamman at



About Arbor NetworksArbor Networks, the security division of NETSCOUT, helps secure the world’s largest enterprise and service provider networks from DDoS attacks and advanced threats. Arbor is the world’s leading provider of DDoS protection in the enterprise, carrier and mobile market segments, according to Infonetics Research. Arbor’s advanced threat solutions deliver complete network visibility through a combination of packet capture and NetFlow technology, enabling the rapid detection and mitigation of malware and malicious insiders. Arbor also delivers market-leading analytics for dynamic incident response, historical analysis, visualization and forensics. Arbor strives to be a “force multiplier,” making network and security teams the experts. Our goal is to provide a richer picture into networks and more security context so customers can solve problems faster and reduce the risks to their business. To learn more about Arbor products and services, please follow us on Twitter @ArborNetworks. Arbor’s research, analysis and insight, together with data from the ATLAS global threat intelligence system, can be found at the ATLAS Threat Portal. Trademark Notice: Arbor Networks, the Arbor Networks logo and ATLAS are all trademarks of Arbor Networks, Inc. All other brands may be the trademarks of their



Networks Unlimited, Chriselna Welsh, +27 (0) 11 202 8400 ,

icomm, Debbie Sielemann, +27 (0) 82 414 4633, ,


Home    About Arbor Networks     Website



ITNewsAfrica logo

Download Button