Mirai botnet shows just how vulnerable the IoT really is

Alan Grau, president and co-founder of Icon Labs

Internet-based attacks are on the rise and, increasingly, these attacks target IoT devices like DVRs, web cams, and appliances.

Cyber-criminals, hacking bots, industrial or international espionage agents, and even terrorist groups are now targeting industrial, military, automotive, medical, utility systems, and ultimately the internet itself, as demonstrated by the recent cyber-attack directed at Dyn (a domain name system host). The attack caused an outage in internet services for numerous large-scale internet-based companies.

How did this happen? In September, the creator of Mirai, malware that converts IoT devices into bots, released the source code thereby allowing anyone to build their own botnet army made of IoT devices. The botnet searches for devices that have weak factory default or hard-coded user names and passwords, all of which are particularly vulnerable to attack. Once the devices have been identified and turned into bots, they can be directed to attack a single source, thus crippling its ability to function, says Alan Grau is president and co-founder of Icon Labs.

On October 21, 2016, a botnet comprised of millions of these devices attacked Dyn, causing a significant outage of internet services. This may be one of the first large-scale attacks using IoT devices, but it is certainly not the last. With millions of unprotected IoT devices, we are vulnerable to a major attack that could considerably impact the internet infrastructure, and possibly bring it to a standstill.

Botnet web
Botnet web

This time it was relatively contained to one company, but next time it could be bigger and more damaging. Even scarier, this botnet is still in existence and it will be almost impossible to defuse future attacks, at least not until existing devices are updated with new security features.

This attack didn’t have to happen. OEMs can build in protection at the device-level that will protect against a botnet attack. Building protection into the device itself provides a critical security layer.

Given these new security capabilities, the devices are no longer depending on the user (in home, non-technical consumers) to update the user name and password as the sole layer of security. In addition, the security can be customised to the needs of the device.

Many of today’s modern IoT devices are mini-computers connected to numerous other vulnerable devices. Including security in these devices is a critical design task. Security features must be considered early in the design process to ensure the device is protected from the advanced cyber-threats they will be facing.

It’s imperative that we address this problem, as evidenced by the recent notice from the Department of Homeland Security, which issued a warning about attacks from the Internet of Things following the release of the code for Mirai. They are worried and you should be too.

The author of this blog is Alan Grau is president and co-founder of Icon Labs.

Comment on this article below or via Twitter: @IoTNow_ OR @jcIoTnow

RECENT ARTICLES

Workz debuts unrestricted IoT device management

Posted on: May 3, 2024

Workz, a cloud-based eSIM vendor, has launched its new remote device management solution designed for the Internet of Things (IoT) industry. The platform eliminates the restrictions associated with traditional technologies

Read more

Itron improves Temetra platform for water utilities in Australia and New Zealand

Posted on: May 2, 2024

Itron expands the capabilities of its Temetra platform in Australia and New Zealand to include NB-IoT communications, enabling digital transformation for water utilities. Temetra’s comprehensive offering includes metre data processing,

Read more
FEATURED IoT STORIES
What is IoT answer

What is IoT? A Beginner’s Guide

Posted on: April 5, 2023

What is IoT? IoT, or the Internet of Things, refers to the connection of everyday objects, or “things,” to the internet, allowing them to collect, transmit, and share data. This

Read more
iot adoption

The IoT Adoption Boom – Everything You Need to Know

Posted on: September 28, 2022

In an age when we seem to go through technology boom after technology boom, it’s hard to imagine one sticking out. However, IoT adoption, or the Internet of Things adoption,

Read more

9 IoT applications that will change everything

Posted on: September 1, 2021

Whether you are a future-minded CEO, tech-driven CEO or IT leader, you’ve come across the term IoT before. It’s often used alongside superlatives regarding how it will revolutionize the way

Read more
IoT Now Enterprise Buyers’ Guide Which IoT Platform 2021

Which IoT Platform 2021? IoT Now Enterprise Buyers’ Guide

Posted on: August 30, 2021

There are several different parts in a complete IoT solution, all of which must work together to get the result needed, write IoT Now Enterprise Buyers’ Guide – Which IoT

Read more
CAT-M1 vs NB-IoT

CAT-M1 vs NB-IoT – examining the real differences

Posted on: June 21, 2021

As industry players look to provide the next generation of IoT connectivity, two different standards have emerged under release 13 of 3GPP – CAT-M1 and NB-IoT.

Read more
internet of things isometric illustration of connected things

IoT and home automation: What does the future hold?

Posted on: June 10, 2020

Once a dream, home automation using iot is slowly but steadily becoming a part of daily lives around the world. In fact, it is believed that the global market for

Read more
iot challenges and issues

5 challenges still facing the Internet of Things

Posted on: June 3, 2020

The Internet of Things (IoT) has quickly become a huge part of how people live, communicate and do business. All around the world, web-enabled devices are turning our world into

Read more