IoT-Based DDoS Attacks Are Growing and Making Use of Common Vulnerabilities

Internet of Things (IoT) devices have been the primary force behind the biggest distributed denial of service (DDoS) botnet attacks for some time. It's a threat that has never really diminished, as numerous IoT device manufacturers continue to ship products that cannot be properly secured. A10 Networks, a leading application delivery controller manufacturer, has been keeping tabs on DDoS attacks around the globe for several years now. The company's quarterly State of DDoS Weapons Report provides a very useful snapshot of the current activity and threat level. The recently-published report for the fourth quarter of 2019 is noteworthy in identifying some new trends that are amplifying DDoS attacks, including a common vulnerability in the WD-Discovery protocol that is being widely exploited and the use of autonomous number systems (ANS) to track attacks back to their source.