This raises is one that many in the security industry have been asking the most. Internet of Things (IoT) botnet are cross systems of connected devices with security flaws – such as webcams and video recorders – which, after being attacked by malware, are controlled by a single attacker. This perverse practice garnered attention in 2016 when the Mirai botnet disrupted Internet use on the East Coast of the United States, hitting Internet hosting provider OVH and KrebsOnSecurity with record DDoS attacks.
A botnet is not a virus in and of itself, but rather a collection of connected devices that have been infected with malware that allows cyber attackers to gain control and use them as they please. Attackers often use their botnets to launch DDoS attacks as we have seen, but they can also be used to send SPAM in the form of spam emails, detect confidential passwords, or distribute ransomware.
How an IoT botnet like Mirai can do harm
The DDoS attacks launched by Mirai showed that we must take IoT-based botnets seriously. A single attack against DNS hosting provider Dyn, for example, managed to block access to dozens of very popular websites, including PayPal, Airbnb, Reddit, and Netflix.
But Mirai was only the beginning. These botnets are cheap and easy to store, thanks to the poor or non-existent security controls of most IoT devices. The problem is that all these devices (although not all) were created years ago without thinking that cybercrime could pose a threat, with what they are a potential “army of sleeping zombies, waiting for someone to wake them up.
Attackers will likely invest more resources in taking control of the hordes of IoT devices added to the Internet every day. Industrial manufacturers of IoT devices need to use the recent attacks as a wake-up call to refocus the security of their products.
Consumers and IT departments must be careful to protect the IoT devices they already have deployed, especially those that no longer receive or never received security updates from the manufacturer. Simple things like blocking incoming internet access to an IoT device can go a long way in preventing it from becoming the next infected host.
Other reads:
Mozi – A great threat to the IoT
IoT – Also known as Internet of Things
[…] reads:IoT Botnet Attacks – A problem for CybersecurityEdge Computing – What is this technologyIoT – Also known as Internet of […]