{"id":1979,"date":"2016-11-22T06:00:36","date_gmt":"2016-11-22T06:00:36","guid":{"rendered":"https:\/\/live-infoblox-blog.pantheonsite.io\/?p=1979"},"modified":"2024-02-05T11:58:09","modified_gmt":"2024-02-05T19:58:09","slug":"ddos-iot-and-ipv6-addressing-the-threat","status":"publish","type":"post","link":"https:\/\/www.infoblox.com\/blog\/security\/ddos-iot-and-ipv6-addressing-the-threat\/","title":{"rendered":"DDoS  IoT  and IPv6: Addressing the Threat!"},"content":{"rendered":"<p>The\u00a0DDoS attack against DNS provider\u00a0Dyn on October 21st (though relatively brief)\u00a0gained a lot of public\u00a0attention because it took down some\u00a0of the Internet\u2019s most popular websites\u00a0weekday. The\u00a0<a href=\"http:\/\/hub.dyn.com\/blog\/dyn-analysis-summary-of-friday-october-21-attack\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">forensic\u00a0details<\/a>\u00a0of the attack were available almost immediately: the Mirai botnet leveraging tens of thousands of IoT devices (e.g.,\u00a0CCTV cameras, DVRs, etc) generated an IP death-ray that\u00a0<a href=\"https:\/\/krebsonsecurity.com\/2016\/10\/ddos-on-dyn-impacts-twitter-spotify-reddit\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">may have exceeded 1.2Tb\/s at times<\/a>\u00a0and that was pointed at Dyn\u2019s managed DNS platform.<\/p>\n<p>That DNS can be the achilles heel of any\u00a0network service isn\u2019t news to anyone who\u2019s spent more than an hour troubleshooting said services. And\u00a0<a href=\"https:\/\/community.infoblox.com\/t5\/Company-Blog\/Expert-Perspective-How-to-Defend-Against-the-Next-DDoS-Attack\/ba-p\/8110\" target=\"_blank\" rel=\"noopener noreferrer\">the DNS-based\u00a0mitigations<\/a>, if not total\u00a0solutions, to such attacks are as arguably\u00a0prosaic as the attacks themselves\u00a0are dramatic. As stated by our own DNS boffin Cricket Liu: &#8220;Build in redundancy. Many companies rely on a single DNS provider like Dyn, leaving them vulnerable to attacks. Instead, businesses need to either deploy some on-premises appliances that can serve as external authoritative name servers \u2013 the servers that advertise their DNS data to the Internet \u2013 or bring in a second DNS provider. This is no different from ensuring that your company has redundant connections to the Internet.\u201d<\/p>\n<p>But even with these\u00a0reasonable measures taken to protect DNS, the IoT devices themselves remain largely unsecured. In the case of the Mirai malware,\u00a0<a href=\"https:\/\/motherboard.vice.com\/read\/internet-of-things-malware-mirai-ddos\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">basic password\u00a0dictionary attacks against IoT devices using telnet<\/a>\u00a0suggest that even the most basic security measures applied by device vendors or consumers\u00a0could reduce the number of vulnerable devices and thus, overall volume of such attacks. This of course is easier said than done. Network security analyst Bruce Schneier compellingly argues\u00a0that\u00a0<a href=\"https:\/\/www.schneier.com\/blog\/archives\/2016\/10\/security_econom_1.html\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">the results of poor IoT\u00a0device\u00a0security is an externality<\/a>\u00a0for both device\u00a0users and vendors and that some form of\u00a0regulation will be required to fix the problem.<\/p>\n<p>But where does IPv6 fit in to all this? This is, after all, an IPv6 blog and we\u00a0can all be excused\u00a0for a Pavlov\u2019s-canine-like\u00a0response to any mention of\u00a0IoT with the query \u201cWhither IPv6?&#8221;<\/p>\n<p>As repeated\u00a0ad infinitum (ad nauseam), IoT and IPv6 are inextricably bound by necessity: the\u00a0<a href=\"http:\/\/www.gartner.com\/newsroom\/id\/3165317\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">predicted 20 billion-by-2020 IoT devices<\/a>\u00a0will require IPv6 to connect to the Internet. The economics of IoT for vendors suggest that security will continue to be an afterthought for IoT devices unless regulation happens. The introduction of\u00a0IPv6 to this equation complicates this picture, implying\u00a0an ongoing\u00a0crisis with neither IPv4 nor IPv6 properly secured. But it\u00a0also underlines\u00a0an opportunity: It is, as Homer Simpson once trenchantly put it: a \u201ccrisitunity\u201d!<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-medium wp-image-1980\" src=\"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/DDoS.jpg\" alt=\"Crisitunity\" width=\"300\" height=\"172\" srcset=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/DDoS.jpg 400w, https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/DDoS-300x172.jpg 300w\" sizes=\"auto, (max-width: 300px) 100vw, 300px\" \/><\/p>\n<p>First, the complication. The same\u00a0lack of\u00a0economic incentives\u00a0that discourage\u00a0IoT vendors from\u00a0building robust\u00a0security features into\u00a0their IPv4\u00a0devices, discourage them equally in IPv6. In fact, it may prove cheaper to exclusively\u00a0build IPv6-only devices. Given that IPv6 traffic levels\u00a0<a href=\"http:\/\/www.internetsociety.org\/deploy360\/blog\/2016\/08\/facebook-akamai-pass-major-milestone-over-50-ipv6-from-us-mobile-networks\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">exceeded 50% among US\u00a0mobile carriers last year<\/a>\u00a0and\u00a0that\u00a0predictions are for a majority IPv6 Internet by 2018, vendors and service-providers will be under tremendous pressure to save money by limiting the amount of money they spend supporting IPv4 features and services.<\/p>\n<p>An IPv6 Internet means of course that DDoS volume won\u2019t vary much based on the address family being used to launch the attack. It also remains to be seen whether many of the IoT\u00a0devices coming online to support an Internet of Everything will be a) directly connected to the Internet (as opposed to behind a gateway \u2014 and implying an entirely different if not more sanguine, security story), and b) sufficiently resourced (e.g.,\u00a0power, bandwidth, processing)\u00a0to help sustain future DDoS\u00a0attacks.<\/p>\n<p>But regardless, in the interval before and during\u00a0the impending\u00a0manifestation of an Internet of Everything (with all the risk that implies for a Hobbesian world of endless\u00a0DDoS attacks\u00a0directly\u00a0impacting life-or-death\u00a0services that are\u00a0now more-or-less\u00a0safely isolated\u00a0in\u00a0meatspace),\u00a0IoT vendors and users have an opportunity (not to mention responsibility) to assess how the security posture of their IoT\u00a0devices can be improved and\/or purpose-built. This obviously\u00a0includes basic stuff like password security and closing commonly exploited TCP ports. But it also includes leveraging elements unique to IPv6.<\/p>\n<p>For instance, the enormous address space of IPv6 prevents the smallest legal\u00a0unit of subnetting, the \/64 (with 1.8E19 addresses!), from being casually\u00a0scanned in the same way IPv4 can easily be. In fact, as Geoff Huston pointed out in a\u00a0<a href=\"https:\/\/blog.apnic.net\/2015\/04\/30\/the-internet-of-stupid-things\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">blog post\u00a0about IoT<\/a>\u00a0last year, using a publicly available, open-source tool like\u00a0<a href=\"https:\/\/zmap.io\/\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Zmap<\/a>\u00a0it would take less than 5 minutes to scan the entire IPv4 address space. At a million addresses per second, scanning\u00a0a single IPv6\u00a0\/64 would still take more time than the age of the universe.<\/p>\n<p>To be fair, deriving security from this or any other\u00a0facet of IPv6\u00a0goes beyond any single vendor or user but now is the time to begin to collaboratively and collectively\u00a0addressing this looming\u00a0technical and security debt.\u00a0While it\u2019s not entirely\u00a0clear what combination of purpose-built features and\u00a0deployment practices will best secure tomorrow&#8217;s Internet of Everything, attacks like the recent one on Dyn are proof that such collaboration is already\u00a0overdue.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The\u00a0DDoS attack against DNS provider\u00a0Dyn on October 21st (though relatively brief)\u00a0gained a lot of public\u00a0attention because it took down some\u00a0of the Internet\u2019s most popular websites\u00a0weekday. The\u00a0forensic\u00a0details\u00a0of the attack were available almost immediately: the Mirai botnet leveraging tens of thousands of IoT devices (e.g.,\u00a0CCTV cameras, DVRs, etc) generated an IP death-ray that\u00a0may have exceeded 1.2Tb\/s at [&hellip;]<\/p>\n","protected":false},"author":319,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[2],"tags":[124,16,49,59,15],"class_list":{"0":"post-1979","1":"post","2":"type-post","3":"status-publish","4":"format-standard","6":"category-security","7":"tag-defence","8":"tag-infoblox","9":"tag-mitigate-threats","10":"tag-risk","11":"tag-security","12":"entry"},"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.3 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>DDoS IoT and IPv6: Addressing the Threat!<\/title>\n<meta name=\"description\" content=\"The DDoS attack against DNS provider Dyn on October 21st (though relatively brief) gained a lot of public attention because it took down some of the Internet\u2019s most popular websites weekday. The forensic details of the attack were available almost immediately: the Mirai botnet leveraging tens of thousands of IoT devices (e.g., CCTV cameras, DVRs, etc) generated an IP death-ray that may have exceeded 1.2Tb\/s at times and that was pointed at Dyn\u2019s managed DNS platform.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.infoblox.com\/blog\/security\/ddos-iot-and-ipv6-addressing-the-threat\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"DDoS IoT and IPv6: Addressing the Threat!\" \/>\n<meta property=\"og:description\" content=\"The DDoS attack against DNS provider Dyn on October 21st (though relatively brief) gained a lot of public attention because it took down some of the Internet\u2019s most popular websites weekday. The forensic details of the attack were available almost immediately: the Mirai botnet leveraging tens of thousands of IoT devices (e.g., CCTV cameras, DVRs, etc) generated an IP death-ray that may have exceeded 1.2Tb\/s at times and that was pointed at Dyn\u2019s managed DNS platform.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.infoblox.com\/blog\/security\/ddos-iot-and-ipv6-addressing-the-threat\/\" \/>\n<meta property=\"og:site_name\" content=\"Infoblox Blog\" \/>\n<meta property=\"article:published_time\" content=\"2016-11-22T06:00:36+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-02-05T19:58:09+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/DDoS.jpg\" \/>\n<meta name=\"author\" content=\"Tom Coffeen\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Tom Coffeen\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/ddos-iot-and-ipv6-addressing-the-threat\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/ddos-iot-and-ipv6-addressing-the-threat\\\/\"},\"author\":{\"name\":\"Tom Coffeen\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/b299068ee4a9f542d2ad7d59a5b1d5b1\"},\"headline\":\"DDoS IoT and IPv6: Addressing the Threat!\",\"datePublished\":\"2016-11-22T06:00:36+00:00\",\"dateModified\":\"2024-02-05T19:58:09+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/ddos-iot-and-ipv6-addressing-the-threat\\\/\"},\"wordCount\":863,\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/ddos-iot-and-ipv6-addressing-the-threat\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/DDoS.jpg\",\"keywords\":[\"Defence\",\"Infoblox\",\"mitigate threats\",\"Risk\",\"Security\"],\"articleSection\":[\"Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/ddos-iot-and-ipv6-addressing-the-threat\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/ddos-iot-and-ipv6-addressing-the-threat\\\/\",\"name\":\"DDoS IoT and IPv6: Addressing the Threat!\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/ddos-iot-and-ipv6-addressing-the-threat\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/ddos-iot-and-ipv6-addressing-the-threat\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/DDoS.jpg\",\"datePublished\":\"2016-11-22T06:00:36+00:00\",\"dateModified\":\"2024-02-05T19:58:09+00:00\",\"description\":\"The DDoS attack against DNS provider Dyn on October 21st (though relatively brief) gained a lot of public attention because it took down some of the Internet\u2019s most popular websites weekday. The forensic details of the attack were available almost immediately: the Mirai botnet leveraging tens of thousands of IoT devices (e.g., CCTV cameras, DVRs, etc) generated an IP death-ray that may have exceeded 1.2Tb\\\/s at times and that was pointed at Dyn\u2019s managed DNS platform.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/ddos-iot-and-ipv6-addressing-the-threat\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/ddos-iot-and-ipv6-addressing-the-threat\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/ddos-iot-and-ipv6-addressing-the-threat\\\/#primaryimage\",\"url\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/DDoS.jpg\",\"contentUrl\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/DDoS.jpg\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/ddos-iot-and-ipv6-addressing-the-threat\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/category\\\/security\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"DDoS IoT and IPv6: Addressing the Threat!\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"name\":\"infoblox.com\\\/blog\\\/\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\",\"name\":\"Infoblox\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"width\":137,\"height\":30,\"caption\":\"Infoblox\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/b299068ee4a9f542d2ad7d59a5b1d5b1\",\"name\":\"Tom Coffeen\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_319_1574118081-96x96.jpg\",\"url\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_319_1574118081-96x96.jpg\",\"contentUrl\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_319_1574118081-96x96.jpg\",\"caption\":\"Tom Coffeen\"},\"description\":\"Tom Coffeen is a network engineer, architect, and author with over twenty years of internetwork design, deployment, administration, and management experience. Tom co-founded HexaBuild, an IT consultancy specializing in the advancement of cloud, IoT, and security deployment best practices through IPv6 adoption. Prior to co-founding HexaBuild, Tom was an IPv6 Evangelist and a Distinguished Architect at Infoblox. Before that Tom was the VP of network architecture at the global CDN Limelight Networks where he led their deployment of IPv6. He is also the author of O\u2019Reilly Media\u2019s IPv6 Address Planning.\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/author\\\/tom-coffeen\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"DDoS IoT and IPv6: Addressing the Threat!","description":"The DDoS attack against DNS provider Dyn on October 21st (though relatively brief) gained a lot of public attention because it took down some of the Internet\u2019s most popular websites weekday. The forensic details of the attack were available almost immediately: the Mirai botnet leveraging tens of thousands of IoT devices (e.g., CCTV cameras, DVRs, etc) generated an IP death-ray that may have exceeded 1.2Tb\/s at times and that was pointed at Dyn\u2019s managed DNS platform.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.infoblox.com\/blog\/security\/ddos-iot-and-ipv6-addressing-the-threat\/","og_locale":"en_US","og_type":"article","og_title":"DDoS IoT and IPv6: Addressing the Threat!","og_description":"The DDoS attack against DNS provider Dyn on October 21st (though relatively brief) gained a lot of public attention because it took down some of the Internet\u2019s most popular websites weekday. The forensic details of the attack were available almost immediately: the Mirai botnet leveraging tens of thousands of IoT devices (e.g., CCTV cameras, DVRs, etc) generated an IP death-ray that may have exceeded 1.2Tb\/s at times and that was pointed at Dyn\u2019s managed DNS platform.","og_url":"https:\/\/www.infoblox.com\/blog\/security\/ddos-iot-and-ipv6-addressing-the-threat\/","og_site_name":"Infoblox Blog","article_published_time":"2016-11-22T06:00:36+00:00","article_modified_time":"2024-02-05T19:58:09+00:00","og_image":[{"url":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/DDoS.jpg","type":"","width":"","height":""}],"author":"Tom Coffeen","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Tom Coffeen","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.infoblox.com\/blog\/security\/ddos-iot-and-ipv6-addressing-the-threat\/#article","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/ddos-iot-and-ipv6-addressing-the-threat\/"},"author":{"name":"Tom Coffeen","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/b299068ee4a9f542d2ad7d59a5b1d5b1"},"headline":"DDoS IoT and IPv6: Addressing the Threat!","datePublished":"2016-11-22T06:00:36+00:00","dateModified":"2024-02-05T19:58:09+00:00","mainEntityOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/ddos-iot-and-ipv6-addressing-the-threat\/"},"wordCount":863,"publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/ddos-iot-and-ipv6-addressing-the-threat\/#primaryimage"},"thumbnailUrl":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/DDoS.jpg","keywords":["Defence","Infoblox","mitigate threats","Risk","Security"],"articleSection":["Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.infoblox.com\/blog\/security\/ddos-iot-and-ipv6-addressing-the-threat\/","url":"https:\/\/www.infoblox.com\/blog\/security\/ddos-iot-and-ipv6-addressing-the-threat\/","name":"DDoS IoT and IPv6: Addressing the Threat!","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/ddos-iot-and-ipv6-addressing-the-threat\/#primaryimage"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/ddos-iot-and-ipv6-addressing-the-threat\/#primaryimage"},"thumbnailUrl":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/DDoS.jpg","datePublished":"2016-11-22T06:00:36+00:00","dateModified":"2024-02-05T19:58:09+00:00","description":"The DDoS attack against DNS provider Dyn on October 21st (though relatively brief) gained a lot of public attention because it took down some of the Internet\u2019s most popular websites weekday. The forensic details of the attack were available almost immediately: the Mirai botnet leveraging tens of thousands of IoT devices (e.g., CCTV cameras, DVRs, etc) generated an IP death-ray that may have exceeded 1.2Tb\/s at times and that was pointed at Dyn\u2019s managed DNS platform.","breadcrumb":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/ddos-iot-and-ipv6-addressing-the-threat\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.infoblox.com\/blog\/security\/ddos-iot-and-ipv6-addressing-the-threat\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/security\/ddos-iot-and-ipv6-addressing-the-threat\/#primaryimage","url":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/DDoS.jpg","contentUrl":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/DDoS.jpg"},{"@type":"BreadcrumbList","@id":"https:\/\/www.infoblox.com\/blog\/security\/ddos-iot-and-ipv6-addressing-the-threat\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.infoblox.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Security","item":"https:\/\/www.infoblox.com\/blog\/category\/security\/"},{"@type":"ListItem","position":3,"name":"DDoS IoT and IPv6: Addressing the Threat!"}]},{"@type":"WebSite","@id":"https:\/\/www.infoblox.com\/blog\/#website","url":"https:\/\/www.infoblox.com\/blog\/","name":"infoblox.com\/blog\/","description":"","publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.infoblox.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.infoblox.com\/blog\/#organization","name":"Infoblox","url":"https:\/\/www.infoblox.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","width":137,"height":30,"caption":"Infoblox"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/b299068ee4a9f542d2ad7d59a5b1d5b1","name":"Tom Coffeen","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_319_1574118081-96x96.jpg","url":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_319_1574118081-96x96.jpg","contentUrl":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_319_1574118081-96x96.jpg","caption":"Tom Coffeen"},"description":"Tom Coffeen is a network engineer, architect, and author with over twenty years of internetwork design, deployment, administration, and management experience. Tom co-founded HexaBuild, an IT consultancy specializing in the advancement of cloud, IoT, and security deployment best practices through IPv6 adoption. Prior to co-founding HexaBuild, Tom was an IPv6 Evangelist and a Distinguished Architect at Infoblox. Before that Tom was the VP of network architecture at the global CDN Limelight Networks where he led their deployment of IPv6. He is also the author of O\u2019Reilly Media\u2019s IPv6 Address Planning.","url":"https:\/\/www.infoblox.com\/blog\/author\/tom-coffeen\/"}]}},"_links":{"self":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/1979","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/users\/319"}],"replies":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/comments?post=1979"}],"version-history":[{"count":2,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/1979\/revisions"}],"predecessor-version":[{"id":9494,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/1979\/revisions\/9494"}],"wp:attachment":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media?parent=1979"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/categories?post=1979"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/tags?post=1979"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}