Welcome to the wonderful world of hijacked IoT devices

IoT mobility security CSC Blogs

Last month, cyber hackers launched one of the largest DDoS attacks ever, crippling KrebsOnSecurity, a popular website run by tech security journalist Brian Krebs.

What’s particularly chilling about this attack is that it used a network of connected devices — otherwise known as the Internet of Things (IoT). Here’s what happened to KrebsOnSecurity, as described by Motherboard’s Lorenzo Franceschi:

The hackers, whose identity is still unknown at this point, used not one, but two networks — commonly referred to as “botnets” in hacking lingo — made of around 980,000 and 500,000 hacked devices, mostly internet-connected cameras, according to Level 3 Communications, one of the world’s largest internet backbone providers. The attackers used all those cameras and other unsecured online devices to connect to the journalists’ website, pummeling the site with requests in an attempt to make it collapse.

What’s more chilling is that the hackers have released the source code for the malware, called Mirai, an act that has already spawned more attacks, according to security vendor Imperva. “Likely, these are signs of things to come and we expect to deal with Mirai-powered attacks in the near future,” the company writes in its blog, Lovely.

Most of the cameras used in the attack, Imperva says, are CCTV cameras — your basic store and location security camera. But the company said other IoT devices such as DVRs and routers also played a role.

“With over a quarter billion CCTV cameras around the world alone, as well as the continued growth of other IoT devices, basic security practices like these should become the new norm,” Imperva says, adding with great understatement, “Make no mistake; Mirai is neither the first nor the last malware to take advantage of lackluster security practices.”

The security vendor offers a couple of specific suggestions to help enterprises thwart Mirai attacks in its blog. On a more macro level, Forbes contributor Janakiram MSV urges enterprises to adopt a comprehensive IoT strategy that includes implementation of security, governance and policy rules:

Security is critical for IoT projects. Datasets must be carefully anonymized, encrypted and compressed before processing. A comprehensive governance model is necessary to restrict access to sensitive data and reports. Policies will define which roles and personas are allowed to control the devices, and accessing the business intelligence dashboards. IoT security is tightly integrated with existing corporate policies and security best practices.

Yes, it’s a lot of work. But do you know what’s a lot more work? Recovering from a massive botnet attack. Again and again.

Is your enterprise prepared for IoT-powered botnet attacks?

RELATED LINKS

Hacking insulin pumps? There’s no excuse anymore

Mobile security best practices only work if you, well, practice them

The high cost of gaps in enterprise mobility

Comments

  1. Chris Lennon says:

    Understanding the security capabilities (how they tie to best practices and internal policies) combined with getting “big eyed” over the newest IOT capabilities will be a norm we will need to adopt moving forward.

    Like

Trackbacks

  1. […] Welcome to the wonderful world of hijacked IoT devices […]

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: