An anonymous reader writes:An attacker compromised over 5,000 IoT devices on a campus network — including vending machines and light sensors — and then used them to attack that same network. “In this instance, all of the DNS requests were attempting to look up seafood restaurants,” reports ZDNet, though the attack was eventually blocked by cybersecurity professionals. Verizon’s managing principal of investigative response blames the problem on devices configured using default credentials — and says it’s only gong to get worse. “There’s going to be so many of these things used by people with very limited understanding of what they are… There’s going to be endless amounts of technology out there that people are going to easily be able to get access to.”
The article suggests “ensuring that IoT devices are on a completely different network to the rest of the IT estate.” But it ends by warning that “until IoT manufacturers bother to properly secure their devices — and the organizations which deploy them learn to properly manage them — DDoS attacks by IoT botnets are going to remain a huge threat.”
Read more of this story at Slashdot.