Forgot your password?

Back to login

Bots threaten security of Internet of Things
September 2, 2018, 12:30 pm

You may love your smart refrigerator, thermostat, door lock and scores of other small new gadgets that can communicate with each other and with the outside world to form the Internet of Things (IoT). But as long as they are on the open network they are vulnerable to various digital forms of attacks, especially by malicious bots that may recruit them to accomplish illegal activities. The more gadgetry that are added to the IoT network the more sources hackers have available to break-in with their rogue programs. Greater automation of the home obviously comes with greater security responsibilities for the home-owner

The potential for someone to hack IoT is a persistent vulnerability that is acknowledged by the digital security world. For years, the Def Con, the world’s largest underground hacking conference, has hosted an IoT Village entirely devoted to cracking Internet of Things devices. The 2014 event featured a router-hacking contest that turned up 15 major vulnerabilities in a matter of hours. For researchers, finding these flaws is so easy, it is a sport.

However, it is not all bad news. Your thermostat does not make a very attractive target to most hackers as there is very little monetizable information on it, compared to that on your phone or computer. But hackers could still compromise your IoT device by using them in a botnet scheme to disrupt servers, as happened in 2016 in the Mirai botnet attacks.

In October 2016 critical internet infrastructure in the United States were taken down by the Mirai botnet using an enormous distributed denial of service (DDoS) attack that took out huge swaths of the online web. Among the sites that suffered crippling interruption as a result of the attack were Twitter, Netflix, Spotify, Reddit and many others — all clients of Dyn, a domain name system (DNS) service provider. The DNS is used by computers to translate a web address into the correct numeric machine code that corresponds to a web address

Details are only now emerging about the nature of the attack, which used Mirai, a form of malware to infect networks. The malware continuously scans the internet for IP addresses of IoT devices and identifies vulnerable devices that use factory default usernames and passwords. It then logs on to these devices and turns them into remotely controlled robots (bots for short) in an army of robots (botnet) that launches large-scale attacks that slows down or totally cripples network servers.

The cause of disruptions on the Dyn servers in October was traced back to a Mirai-based IoT botnet that clogged traffic on the network by sending malicious requests from tens of millions of bot IP addresses. The attackers behind the Mirai botnet have since then released the source code publicly and security experts worry that it is only a matter of time before other malicious attacks could be mounted by someone else using variations of the same source code.

Infected devices will continue to function normally, except for occasional sluggishness and an increased use of bandwidth. If your IoT devices have been showing such symptoms recently, all you have to do is reboot the device and immediately change its factory-set username and password. Rebooting often involves nothing more complicated than just shutting off the device and turning it on after a short while. Remember to immediately change the username and password as the device could be re-infected within minutes. Also make sure you are receiving and installing regular security patches from the manufacturer. A more expensive solution is to get a smart router that isolates all your IoT devices on a separate network and monitors everything for signs of compromise. 

Share your views

"It is hard to fail, but it is worse never to have tried to succeed."

"Envy comes from wanting something that isn't yours. But grief comes from losing something you've already had."

Photo Gallery