The use of botnets to disrupt Internet services form part of the near-term threat landscape.
This is according to a recent Juniper report, which notes embedded connectivity is increasingly being used as a product differentiator, but unless action is taken, it can lead to cyber security risk created by botnets. Juniperpredictsthat botnets will be used for more malicious purposes in future, impacting consumer, industrial and public services markets.
Attacks such as those on Dyn last October can be viewed as an example of things to come, notes research author Steffen Sorrell. With the Mirai botnet, hackers unleashed a complex attack on the Internet through common devices like Web cams and digital recorders and cut access to some of the world's best known Web sites. "Given that the botnet's source code has been made publicly available and that the Internet of things trend is on the rise, no decline in IOT botnet activity should be expected in the near future," adds Denis Makrushin, security researcher at Kaspersky Lab.
Sorrell believes in the medium-term, botnets will be used far more creatively - not only to disrupt services, but also to create a distraction enabling multi-pronged attacks aimed at data theft or physical asset disruption.
The challenge is that with the growth of mobility locally, many connected devices are not actually managed by IT departments, says Makrushin. As a result, many bot attacks are simply against IP-facing IOT devices, where an attacker is looking for basic passwords or vulnerabilities and companies are not aware their devices have been used in an attack, he adds.
The general consensus is that IOT devices are sitting ducks, especially if they are not protected - and it's an inevitability that they will be used as bots, says Makrushin. "Very few devices have the form factor and engineering to support additional security such as encryption, and/or lack an update mechanism to automatically pull and install patches. And to compound the issue is that devices are shipped with tepid passwords, default or weak credentials that are easily sniffed out by automated scripts."
Fortinet is already seeing an increase in very disparate type of attacks and there will be increased as we move onto 2020, as the world's business, digital estate assets and manufacturing are leaning towards IOT's solutions to improve productivity in the different vertical markets, says Paul Williams, country manager at Fortinet SADC.
"Some IOT botnet attacks are similar in some incidents, but as the industry moves forward we will see new types of attack characteristics which will have to be combated in different degrees as each IOT devices has a different operating system and different set of protocols they use, says Makrushin. "IOT botnets are not an upcoming threat. They are a real threat and we should be concerned about the future, and the past, as there are so many unsecured embedded devices out there."
Share