IoT Botnets & DDoS Attacks
November 2nd 2017
The Internet of Things (IoT) brings the promise of efficiency and innovation to an enterprise. IoT also greatly expands the threat to your organisation.
Just a year after Mirai - the biggest IoT-based malware that took down large portions of the internet impacted IP cameras and internet routers by simply exploiting their weak or default passwords. Security researchers are now warning of a brand new rapidly growing IoT botnet called 'IoT_reaper,' first spotted in September. Instead of merely guessing the passwords of the devices it infects, it uses known security flaws in the code of those insecure machines, hacking in with an array of compromise tools and then spreading itself further.
IoT_reaper malware currently includes exploits for nine previously disclosed vulnerabilities in IoT devices from following manufacturers:
- Dlink (routers)
- Netgear (routers)
- Linksys (routers)
- Goahead (cameras)
- JAWS (cameras)
- AVTECH (cameras)
- Vacron (NVR)
This is extremely worrying because it took only 100,000 infected devices for Mirai to took down DNS provider Dyn last year using a massive DDoS attack. Netgear has urged customers to update the software on their devices.
Individuals and organisations need to be more vigilant about the security of their smart devices.
Signing up IT managed services from a reputed and reliable managed service provider can prove quite beneficial in locating any weak points in the current system and suitably strengthen them to combat likely security threats. Unearthing potential vulnerabilities with the help of a trustworthy MSP and getting them to bridge any glaring gaps can go a long way in securing valuable business and personal data.
View our webinar on the Threat Landscape for Companies by clicking the link here.