• Articles
    • Editorial Articles
    • Research Articles
    • WatchGuard Articles
  • Daily Security Bytes
  • The 443 Podcast
  • Threat Landscape
  • About
    • About Us
    • Contact Us
    • Contribute to Secplicity

Secplicity - Security Simplified

Powered by WatchGuard Technologies

IoT Botnets Are Here to Stay – So Now What?

October 28, 2016 By The Editor

Internet of things graphic

In the fallout from last Friday’s distributed denial of service attacks on DNS (Domain Name Service) hosting provider Dyn, one question has been on everyone’s mind: How could an attack like this happen? Dyn said in a statement that the tens of millions of IP addresses associated with the attack were from IoT devices that had been infected with the same Mirai malware used in the earlier attacks on KrebsonSecurity and OVH. While botnets have existed since the early days of hacking, IoT botnets are a new twist on the old formula. Our Information Security Threat Analyst Marc Laliberte wrote a column for Help Net Security explaining how Mirai creates botnets made up of IoT devices and how they are different from the PC-based botnets of the past. Here’s an excerpt of his article:

The Mirai botnet follows the same formula of most botnet malware by performing two main functions; growing the botnet by finding and infecting more vulnerable hosts, and launch DDoS attacks using the infected hosts. Where Mirai and other IoT botnets differ from traditional Windows-based botnets though is their devastating effectiveness in spreading to a huge number of IoT device hosts.

In comparison to traditional Windows-based botnets, IoT botnets flourish thanks to a lack of security by design with most IoT devices. Many IoT manufacturers don’t have experience securing network connected devices and often opt for off-the-shelf, embedded operating systems without default settings and exposed network services.

Read the full article on Help Net Security and check out Corey Nachreiner’s recent Daily Security Byte video for more information on the Dyn attack.

Share This:

Related

Filed Under: Editorial Articles, Featured Tagged With: botnet, DDoS, Infosec news

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

The 443 Podcast

A weekly podcast featuring the leading white-hat hackers and security researchers. Listen Now
the 443 podcast

Threat Landscape

Filter and view Firebox Feed data by type of attack, region, country, and date range. View Now
threat landscape

Top Posts

  • USA’s Answer to GDPR
  • Rolling PWN

Email Newsletter

Sign up to get the latest security news and threat analysis delivered straight to your inbox

By signing up you agree to our Privacy Policy.


The views and opinions expressed on this website are those of the authors and do not necessarily reflect the policy or position of WatchGuard Technologies.

Stay in Touch

Recent Posts

  • Private Sector Offensive Actors
  • USA’s Answer to GDPR
  • Rolling PWN
  • Over a Billion Records Leaked in Shanghai National Police Database Hack
  • LockBit Ransomware Group Introduces Bug Bounties and More
View All

Search

Archives

Copyright © 2022 WatchGuard Technologies · Cookie Policy · Privacy Policy · Terms of Use