Homepage This page's url is: -crn- Rankings and Research Companies Channelcast Marketing Matters CRNtv Events WOTC Jobs HPE Zone Intel Partner Connect Digital Newsroom Dell Technologies World Newsroom Dell Technologies Newsroom HP Reinvent 2020 Newsroom IBM Newsroom The IoT Integrator Lenovo Newsroom NetApp Data Fabric Intel Tech Provider Zone

Salesforce Security CTO: How A DDoS Attack Can Impact A Smart Grid

October's distributed denial-of-service attack represents the ability to infiltrate massive IoT systems, says Salesforce CTO Taher Elgamal.

October's distributed denial-of-service attack may have only influenced websites like Netflix and Twitter, but the security attack has much higher stakes, said Salesforce CTO Taher Elgamal.

The denial-of-service attack was launched through Internet of Things consumer devices, including webcams, routers and video recorders, to overwhelm servers at Dynamic Network Services (Dyn) and led to the blockage of more than 1,200 websites. But Elgamal, speaking Tuesday at IEEE World Forum of IoT this week in Reston, Va., said the attack could have even more dire consequences in another scenario.

"What does it mean to mount a denial-of-service attack on a power grid? If the energy grid is down for 15 minutes … that affects the entire society," he said. "All of a sudden the threats that we used to care about but not too much come front and center. What happens if you could inject data into something? … We could actually modify the readings off these meters.’

October's attack has deepened the industry's concerns over the security risks in the Internet of Things.

The attack on Dyn came from tens of millions of addresses on devices infected with malicious software codes, knocking out access by flooding websites with junk data.

To keep up with the changes that users will face from IoT, security experts need a new way to approach threat modeling, argued Elgamal. For instance, security specialists need to think of a threat model that is asset-centric rather than attack-centric, since assigning "value" to losses may be difficult in many cases of IoT.

"Crossing into the physical world of IoT is taken very lightly – but it shouldn't be," he said. "As a society we need to build systems that are better and that aren't open so that hackers can access them."

Back to Top

related stories



sponsored resources