After yesterday’s attack on DynDNS, a provider of vital Infrastructure for the Internet, several big sites, including Reddit and GitHub were down. The speculations are, that IoT devices were used, same as in the last attacks to KrebsOnSecurity and OVH, which had massive 620 Gbps and > 1 Tbps traffic to their Infrastructure.
Is it time to regulate the security of Firmware for IoT devices? To punish companies which fail to fix security holes? To mandate auto-updating of Firmware to automatically secure these devices? I think it is, because the use of IoT devices will explode in the near future, and if we don’t do something to secure them, we’re shoveling our own digital grave with them.