Verizon’s Data Brief Digest 2017 describes an attack against an unnamed university by attackers who hacked a variety of IoT devices and had them spam network targets and slow them down:
Analysis of the university firewall identified over 5,000 devices making hundreds of Domain Name Service (DNS) look-ups every 15 minutes, slowing the institution’s entire network and restricting access to the majority of internet services.
In this instance, all of the DNS requests were attempting to look up seafood restaurants — and it wasn’t because thousands of students all had an overwhelming urge to eat fish — but because devices on the network had been instructed to repeatedly carry out this request.
“We identified that this was coming from their IoT network, their vending machines and their light sensors were actually looking for seafood domains; 5,000 discreet systems and they were nearly all in the IoT infrastructure,” says Laurance Dine, managing principal of investigative response at Verizon.
The actual Verizon document doesn’t appear to be available online yet, but there is an advance version that only discusses the incident above, available here.