IoT (Internet of Things) botnet

by Bryon Beilman | Oct 10, 2016 | Security | 0 comments

It's time to turn off your internet connected baby cams! The massive DDoS (distributed denial-of-service) attack on security blogger Brian Krebs' website originated from internet-connected DVRs and cameras.

Unlike traditional botnets, which infect PCs or wifi routers, the reported Mirai botnet is compromised of infected cameras and other devices. It spreads to other cameras by scanning for default admin or root passwords. Currently there are ~400,000 infected devices and growing.

Attacks like Mirai demonstrate that password resets should be mandatory during the initial setup of any device. Some IoT companies already do this. The key is to make it simple for consumers. Simple security will differentiate the products of major manufacturers from cheap products which are rushed to market.

To do:

1. Check your IoT device manuals or search online for password reset instructions.
2. If possible, disable SSH and Telnet on your devices. SSH and Telnet protocols are often left open with default passwords EVEN when the web login password is changed.
3. Perform a scan on your external IP address. Find your IP using IPINFO or similar, next use CENSYS or another external port scanning service to show what ports are open to the internet on your network. Once you have that list, adjust your firewall or disabling unnecessary protocols.

Doesn't that sound easy for a novice who just wanted to check the temperature at home!

Krebs posted a list of products which may be susceptible to the Mirai botnet. Check it out to verify if your internet-connected espresso maker has gone rogue... Personally, I'll stick with air-gapped espresso. Don't worry, I'm kidding. No espresso was harmed in this attack. :)

Subscribe Here For Our Blogs:

Recent Posts

Categories

see all