There are billions of devices that now connect to the Internet, even devices that may seem to not have any practical reason to do so. However, there is a new type of malware that uses these devices to perform attacks on the networks of all types of organizations: Mirai.
The Mirai botnet, which was responsible for the attacks on Dyn (which controls much of the Internet) last year, has gradually created an immense network of infected Internet of Things devices. This includes smartwatches, printers, security cameras, and other connected devices enslaved by the malware. These devices are then used to fuel Distributed Denial of Service attacks on various entities. These attacks basically work by assaulting a network with so much traffic that it buckles underneath the weight of the attack and completely shuts down. While DDoS attacks were once developed for and powered by the ordinary desktop computer, mobile devices, which make up The Internet of Things, have instead become a very versatile means to utilize these botnet attacks.
This increase in popularity isn’t without solid reasoning. IoT devices have spread all over the world for countless and different purposes. After all, there’s strength in numbers, so the more devices that are infected, the better for the attackers. The more Internet of Things devices that are in a household, the more likely that these devices will be used by hackers. With many household appliances like coffee machines, refrigerators, blenders, and so much more now equipped with smart technology, these seemingly benign devices are more dangerous than you think.
There is also the question of how secure these devices are. In many cases, manufacturers don’t build adequate security into these devices, seeing them as no threat to the user. As the events of the DDoS attacks on Dyn make clear, security cannot be an afterthought for Internet of Things devices, as there is much more at stake than people initially realized. For an example of how this works, take a look at a researcher who decided to put the resilience of a security camera to the test. The researcher subjected the device to Mirai, and it took less than two minutes for the malware to infect it; quite shocking indeed.
In cases like this, there isn’t much that the user can do to protect their IoT devices. These unfortunate events are, however, opening the eyes of the industry as to where IoT devices fall short. Therefore, either these IoT devices will need enhanced security, or they will have relatively short lifespans.
Just how many IoT devices are in your office, and what are you doing about their security flaws? Are you prepared to deal with a BYOD security threat? To find out, reach out to us at 410-356-3113 or send us an email.