The threat of IoT Botnets describes a network of devices that have been compromised by a cybercriminal or hacker and are being used to conduct a coordinated attack. Typically these devices are a mixture of computers and mobile devices. IoT Botnets can be utilized for many different types of cyber attack. Spam email campaigns and Distributed Denial of Service (DDOS) attacks are two common uses for botnets. A DDOS attack involves overwhelming a target with requests and causing the service to fail.
In both scenarios, using a network of compromised machines spreads an attacker’s point of origin. This means that DDOS attacks cannot be thwarted simply by blocking a single IP address, and makes it tough for spam filters to identify the source of malicious email. The most commonly discussed examples of these smart devices tend to be consumer-focussed, such as the capacity to control your home heating from your smartphone. But increasingly, there are more and more uses of IoT devices in the business world. Many industries now use a connected network of sensors and cameras to capture data and automate decisions based on that information.
Potential Threat of IoT Botnets
Gartner has predicted that there will be approximately 20 billion IoT devices by the year 2020. And because these devices have an IP address and the ability to share data, they are susceptible to cyber criminals. In fact, many of these devices are far easier to hack than traditional computers and smartphones. In a rush to catch early adopters, manufacturers are overlooking security in favor of product features and speed to market. Additionally, as the industry is still quite new, there are no standardized methods for detecting and fixing a compromised IoT appliance.
The Increased Threat of DDOS and IoT Botnets
One of the main threats that IoT botnets pose is they make DDOS attacks easier to conduct. Many of these appliances may be connected via the same router, and with their low security levels, it’s easy for hackers to compromise multiple devices very quickly. For businesses, this means that even the many consumer IoT gadgets are a threat. Back in 2014, cyber security experts Proofpoint discovered an attack that utilized consumer devices in a sustained cyber breach.
The Internet of Things offers many easy-to-reach IP addresses with which to conduct an attack. And while DDOS attacks aimed at a particular company can be damaging to business and reputation, a coordinated attack of this nature aimed at a country’s critical infrastructure could have even more damaging effects.
The second major threat of IoT Botnets is compromised IoT devices is related to the nature of the work they do. As mentioned previously, the role these appliances play tends to involve the collection of data and subsequent decision-making process. This data itself could be valuable to criminals via IoT botnets. The heating and lighting habits of a particular building could indicate the times when it’s staffed, for example.
But even more dangerous is the prospect that hackers could manipulate this data. For industries that use sensors to indicate that equipment components have exceeded their designed wear thresholds, an inaccuracy in this information could have life-threatening repercussions.
Taking Protective Action to the Threat of IoT Botnets
All of this concern inevitably leads us onto the question of what users can do to protect themselves against these attacks. And the honest answer at the moment is that it’s tricky to take definitive action. Much of the progress to secure these devices needs to be made by the manufacturers themselves.
But there a few things that businesses can do to mitigate the risk. The first thing to do is to review your cyber security processes. If you assume that your email filters would not be able to stop a coordinated spam attack using IoT botnets, then how well educated are your users? Do they know how to identify a suspect email?
Secondly, if you’re a business that uses IoT devices, ensure that you have strong login credentials and that you have a robust process for installing any manufacturer updates and patches. You may also be able to segment these appliances onto a separate network to reduce the risk of lateral infection into the rest of your organization.
Probably the biggest thing users can do to threat of IoT botnets is to petition the vendors to take it more seriously. Practices such as digital firmware signatures and anomaly detection could begin to make these devices more secure. It’s clear that the Internet of Things poses a security risk to consumers and businesses alike. There’s no easy answer when it comes to protecting your business from attack. All companies should be reviewing their security policies, having recognized the increased threat of an attack that has multiple origins.
And for businesses that utilize IoT appliances, it’s a case of understanding there is an element of danger and ensuring that the competitive edge offered by these devices outweighs that risk. What does this decision process look like in your business? Are you using IoT appliances and has the phrase ‘Internet of Things’ started to work its way into your general security policy conversations? Are you prepared to face the threat of IoT botnets?