- Executing network-based attacks, such as Distributed Denial of Service attacks, against large companies by commanding these IoT bots to overwhelm systems with fake traffic.
- Deceitfully or forcefully redirecting users to commercial content in order to generate revenue, in what is essentially a form of marketing or affiliate fraud (e.g. pay-per-click fraud).
- Spying on users for the purpose of extortion or political influence.
“The increasingly advanced technical capabilities of IoT devices such as autonomous consumer-grade drones and smart appliances will not be able to keep pace with security and privacy requirements. This will drive large-scale compromises of IoT devices,” said IID Vice President of Threat Intelligence Sean Tierney. “As these devices are used to attack other networks or for retaliatory attacks, it will eventually lead to the ‘Battle of the Botnet’ for domination of IoT.”
gTLD Websites Go Dark
When the Internet Corporation for Assigned Names and Numbers (ICANN), which oversees the Domain Name System, began the process to issue hundreds of new gTLDs in 2013, the possibilities seemed limitless. Today, gTLDs run the gamut from “.apartments” to “.dentist” to “.porn” and so on. But looking ahead, many of these TLDs, as well as websites and other services that rely on them, could be short-lived because their adoption has been much smaller than anticipated.
IID anticipates an unprecedented series of domain registry failures as a result of the lack of gTLD popularity by 2017 in the form of bankruptcies and abandonment. “Most new gTLDs have failed to take off and many have already been riddled with so many fraudulent and junk registrations that they are being blocked wholesale,” said IID President and CTO Rod Rasmussen. “This will eventually cause ripple effects on the entire domain registration ecosystem, including consolidation and mass consumer confusion as unprofitable TLDs are dropped by their sponsoring registries.”
Should a gTLD go down, it would take any resident websites, email or other services with it, forcing their owners to scramble for new virtual real estate. There is a process in place to continue support of struggling registry operations until a larger registry or organization buys them in auction and rescues them. However, questions abound as to who would risk an investment in poorly performing TLDs, especially as they start to number in the hundreds. “That’s why eventually some are going to just plain go dark,” added Rasmussen.
The writing is already on the wall. For instance, in its original Fiscal Year 2015 budget draft, ICANN predicted 33 million new gTLD domain name registrations—a number it later revised to just 15 million. According to ntldstats.com, the final tally for FY2015, which ended June 30, 2015, was only 4.9 million registrations.