How the Internet of Things is fuelling DDoS attacks

September 21, 2022

SEACOM_SOCIAL_South_Africa_the_internet_of_things_ddos_attacks

Internet of Things (IoT) devices have become a popular target for cybercriminals using distributed denial of service (DDoS) attacks. These devices typically have security vulnerabilities, including passwords and security configurations that are easy to hack, default administrative credentials, and open access to management systems.

IoT devices are becoming more prevalent, but they aren't always updated with security patches and tools. Therefore, cybercriminals are using the IoT to fuel DDoS attacks. A DDoS attack is serious and targets business networks on a massive scale. Millions of fake requests are sent to networks, which can cause the network to crash or become unresponsive.

The IoT It is an interconnection of web-enabled devices that send and receive data. It can include physical objects like sensors and CCTV cameras as well as virtual machines, software and electronic systems. These devices communicate with one another via computer networks or the internet. IoT devices that have been compromised are now being used by hackers to execute DDoS attacks.

IoT devices on the botnet

The botnet's compromised IoT devices are used to launch coordinated attacks that destabilise business networks and disrupt digital infrastructure. A network of computers or other devices that have been infected with malware or viruses is known as a botnet. Through the use of this malware, cybercriminals are able to virtually control those devices without the owner or user being aware of it.

Computers and mobile devices are just two of the many components that make up botnets. The number of infected IoT devices in the botnet, which can be hundreds of millions strong, is expanding rapidly over time. IoT devices and mobile phones are increasingly being used in DDoS attacks.

The IoT used in a DDoS attack

Traditionally, desktop computers have been the primary source of malware and the main component of botnets. However, as more devices have been connected to the internet in recent years, botnets have grown to include more devices like:

  • Linux servers (Ebury botnet)
  • Android mobile devices (WireX botnet)
  • Routers (Mirai botnet)
  • IP cameras (Persirai botnet)

Some of the most severe DDoS attacks have been caused by the Mirai botnet. Recently, an army of botnet devices launched a massive attack on a number of critical web surfaces, affecting websites like Twitter, Netflix and Spotify. Nearly one million people in Germany were without internet access for a few days after their routers became infected with Mirai, a virus created specifically to infect IoT devices.

The number of Mirai variants reportedly rose by approximately 60% in 2019. In the latter quarter of 2019 and into 2020, a new Mirai variant known as Mozi was to blame for the most extensive flooding of traffic. With multiple botnets using the Mirai and Mozi viruses to target IoT devices, this specific strain of malware continues to be a danger.

IoT device-based DDoS attacks

DDoS attacks were launched by criminals from multiple devices across many different countries. Due to the fact that requests seemed to originate from legitimate users, it is extremely difficult to pinpoint the attack's source.

DDoS attacks are evolving into a significant cyber threat for enterprises and public institutions globally. Those that target governments and state-owned enterprises increase by about 25% annually. DDoS attacks increased by 300% in Africa between 2019 to 2021. In the private sector, industries like banking, healthcare and e-commerce are mobilising to protect their customers, employees and digital assets against the effects of these threats.

The effects of a DDoS attack

Users may not be able to access online services after a DDoS attack. Customers may be unable to access the company website or mobile application, while employees may be locked out of their company network. Such disruptions can be quite costly for companies in terms of lost productivity and the need to shift resources to deal with the fallout.

An effective DDoS attack will aim to:

  • Shut down a business network as a precursor to a ransomware attack
  • Change or destroy data or configuration settings
  • Cause destructive changes to network devices

DDoS Protection for IoT devices

To prevent system crashes and data breaches, particularly those caused by IoT devices, DDoS protection is crucial. For large enterprises, having the right DDoS protection software is essential. DDoS Protect is now available to East African enterprises thanks to a partnership between SEACOM Business and NETSCOUT.

Automated detection and response are features of our DDoS protection tools. The service addresses several issues associated with an attack, including those brought on by infected IoT devices. Whether it's a volumetric, application-layer, or protocol-layer attack, DDoS Protect prevents and mitigates all threats. Additionally, it provides protection against hybrid threats.

This software allows for continuous, real-time monitoring of business networks. Any anomalies that would indicate a DDoS attack can be detected via behavioural analysis. Our DDoS protection solutions' key features include reporting, data filtering and traffic monitoring. Protection options include cloud-based and on-premises alternatives, and both of them are designed to suit hybrid cloud environments.

DDoS Protection with SEACOM Business

SEACOM Business offers different levels of protection based on the needs of your business. Whether you need on-demand or continuous DDoS protection, we can design solutions that can change and adapt as your company grows. Our technical support is available around-the-clock, so your company network is always fully secure.

If your network is under a DDoS attack, SEACOM Business can help you: call us now for assistance on +254 20 513 3170. For more information or to get a quote for our DDoS protection services, email us at marketing@seacom.com or leave us a message.


SEACOM owns Africa’s largest network of information and communications technology (ICT) infrastructure, including fibre optic networks and subsea cables. We offer a wide range of industry-leading scalable ICT solutions for large companies that operate throughout the region.

SEACOM is privately owned - making it adaptable to the needs of the client. We are the preferred ICT and internet connectivity supplier for African enterprises. We can guarantee fast, reliable and secure internet and networking services at affordable prices.

For‌ ‌more‌ ‌information‌ ‌on‌ these solutions, ‌follow‌ ‌us‌ ‌on‌ ‌‌LinkedIn‌,‌ ‌‌Facebook‌ ‌or‌ ‌‌Twitter.‌ ‌Keep‌ ‌an‌ ‌eye‌ ‌on‌ ‌our‌ ‌‌news‌ ‌section‌‌ ‌for‌ ‌industry news and announcements on African ICT, internet connectivity, cloud services and security solutions.

In other news