If you’ve seen the news this week, you’ve no doubt seen articles about a botnet called “Reaper”, “IoT Reaper” or “IoTroop” that is enslaving vulnerable smart devices like wireless routers, security cameras, and DVRs. While botnets are interested to cyber-security professionals, I’m sure the news made many people think “what the heck is a botnet and why do I care about it?”
In a simple explanation, a botnet is an army of internet-connected devices or computers that have been infected by malware and are now under the control of hackers. The malware is designed to infect devices and create an army of devices that can be enlisted to create distributed denial of service (DDoS) attacks like the one last October that took much of the East Coast offline. Botnets also can be used to steal data, send spam emails, or just simply allow a hacker to access the device and the internet connection it uses.
You may also hear the term “zombie” in connection with a botnet and that is simply because the malware lives on the compromised device and often the owner of the device is unaware of the infection of that the device is being used in attacks.
So what is it about this particular “IoT Reaper” botnet that has created such a buzz in the cyber-security industry? The sheer number of devices that are vulnerable, over 378 million, that can be brought into the botnet that has many worried. The hackers behind “IoT Reaper” are currently exploiting at least nine different vulnerabilities across different device manufacturers and appear to be adding to the list of vulnerabilities as they are found. Plus, like the Mirai botnet, “IoT Reaper” is a worm that jumps from one infected device to the next to spread the infection.
So all of that sounds scary, is there anything that can be done to prevent getting your devices enlisted into a “zombie” botnet army? YES!
As always, make sure that you don’t keep default username/password combinations on your internet connected anything. Also, check to see if your smart device manufacturer has released any firmware or security patches to close the vulnerabilities that are being abused by the botnet. Another great way to protect your IoT network is to place firewall protection at your internet connection but it’s also important to make sure that you keep your firewall up-to-date as well because threats are always evolving!