Ë
By Jason Wittick • November 4, 2016

The Botnet … A Ubiquitous and Clandestine Conscripted Army

 

cybermen-623x432.jpg
A Botnet is a collection malware-infected, internet-connected devices which can be remotely controlled as a group without the actual owner’s knowledge or permission. Botnets are often used to dispatch spam messages or as part of a Distributed Denial of Service (DDoS) attack which floods a target system with so much traffic that it fails. The ‘Internet of Things’ (IoT) has been described as “an electronic skin” which is poised to start covering the earth in a web of internet-connected devices that communicate and work together to improve our lives.

On the morning of Friday, October 21st, 2016, a massive DDoS attack disrupted service and affected internet connectivity to major websites including Twitter, Amazon, Netflix, Reddit and PayPal. The attack was deployed from a Botnet that was largely made up of IoT-capable devices including web and security cameras, PvRs & baby monitors. It serves as a stark example of how dangerous it can be to mix automation with non-existent, insufficient and shortsighted security.

Simplicity and a promise of an IoT-enhanced life is an intoxicating notion for consumers and manufacturers alike, but while individuals are busy clamoring for the latest technology-filled devices, companies that produce them often hastily develop and rush their products to market without sufficient hardening or ‘future-proofing’. Even an IoT device that is purchased as secure today will become progressively less so with each passing moment.

Manufacturers only produce what sells, so when they can reduce their prices by omitting the means to keep IoT security up-to-date, many consumers will most likely choose the slightly less expensive option in spite of or oblivious to any inherent, underlying risk. Considering how long people tend to own a device like a refrigerator or washing machine, it’s safe to assume that at some point in 5 or 10 years of ownership, hackers would have found and quietly exploited any vulnerabilities in factory-default or static IoT security.

The DDoS on October 21st was a result of default or static login credentials and open telnet ports that allowed hackers to wield tens of thousands of malicious endpoints (compromised devices) simultaneously and repeatedly. Although fallout from the attack was initially concentrated on Eastern North America, by early afternoon the problem was affecting users in Europe as well. Unless owners can and actually bother to change login credentials and patch or update embedded software or firmware, their devices will eventually be targeted, conscripted and incorporated into a Botnet.

Forcing a default credential change and software or firmware updates at setup is a popular first step, but at best it can only delay the inevitable unless users continue to diligently maintain their updated IoT security. No easy solution exists, and even after making our very best efforts to protect ourselves, the hackers and cyber-criminals remain at least one step ahead. As more and more IoT devices surround us, the risk and number of opportunities for compromise will only increase, so allowing users to opt-out of maintaining their technology is almost the same as giving them just enough rope to hang themselves.

Do you or your business use IoT-capable technology? Is the technology secure? Has it already been compromised? Are you sure?

Talk to our team, let us help you.

Tell Me More