IoT devices could create catastrophic botnet

Next story
Olivia Storey

A recent study has shown that a new botnet has the capacity to ‘take down the internet’ via connected Internet of Things devices.

A new botnet has been found to have infected millions of organisations around the world, and has the potential to “take down the internet”, according to researchers. This botnet is targeting internet of things (IoT) devices, mainly internet routers and remote cameras, and it is evolving at a rapid pace.

Internet of Things is everywhere. You name it, and it probably comes with an IoT feature – smart door locks, smart kitchen appliances, Wi-Fi lighting, internet connected toys, smart baby monitors, even whole smart cities.

With DDoS attacks bringing websites and host sites down, like the Mirai botnet from 2016 which knocked Netflix, Twitter, Reddit and others offline, the fact is that the more IoT devices we own the more susceptible we become to attacks.

Mark James, ESET IT Security Specialist, discusses how devices can be targeted and compromised by botnets.

“With the sheer amount of IoT devices, supposedly exceeding £20 billion in 2017, it makes perfect sense that malware writers and indeed digital criminals will utilise as many of those devices as possible to help them plunder the internet.

“Unlike normal criminal activity it’s not governed by boundaries.

“It makes no difference if the compromised device exists in the UK, USA or Australia, it’s all fair game to them.

“Alongside food and water, the internet is fast becoming something we cannot exist without.

“Everywhere we go we want to be connected, and to do that effectively we need internet routers.

“As crime increases and funding for manpower decreases, the availability and cost of remote cameras seems the easiest solution to keep an eye on things.

“These two electronic devices exactly meet the requirements a botnet needs; the ability to understand remote commands, connect or distribute internet and be able to send information onwards.

“As devices get cheaper, it can in some cases go hand in hand with reduced security.

“On the other hand, to offer something that the end user can “plug and play” easily they have to ship it as user friendly as possible; it’s not always going to a tech guru.

“As this technology becomes more widely available, the average user needs to be able to order, receive, setup and forget as quickly as possible.

“All of these features make the perfect recipe for disaster, one we have seen before and we will see again, and worryingly will continue to see until security becomes a minimum standard for any internet connected device.”

Is the security of a smart device something you consider when buying one? Let us know on Twitter @ESETUK.

Join the ESET UK LinkedIn Group and stay up to date with the blog. If you are interested in seeing where ESET has been featured in the news then check out our ‘In the news’ section.