The Rise of IoT Botnet Threats and DDoS attacks

Earlier this month, a report by Neustar International Security Council (NISC) revealed that many businesses viewed unsecured IoT devices as their biggest concern about the state of their organisation’s security. While ransomware and financial data theft were still viewed as among the top threats, the prospect of wireless devices being hacked and used as weapons to compromise companies’ systems ranked as a greater concern. The report is hardly surprising, given the recent developments in IoT botnets and the huge potential for unsecured IoT devices to be turned into a botnet army and used to launch DDoS attacks by hackers.

Last year, the massive Distributed Denial of Service (DDoS) attack that brought down the Dyn Domain Name System (DNS) service served as a serious wake-up call for security teams about the dangers of DDoS attacks using the IoT. This year, one of the most recent developments relating to these attacks is the vulnerability found in Huawei HG532 routers that is being exploited to spread a variant of the Mirai malware called Mirai Okiru. The new Mirai botnet is targeting ARC-based IoT devices, which can be found in millions of consumer, mobile and IoT devices. With an anticipated 20.4 billion devices due to be deployed by 2020, it’s safe to say that the scale of a potential DDoS attack utilising this vulnerability could have devastating consequences. Therefore, it is important for organisations to ensure all devices are well-protected and security is baked in from the start. The danger posed by Mirai Okiru is compounded by the fact that the code to exploit this vulnerability became freely available shortly after the bug was discovered; as a result, threat actors can use it to carry out their own DDoS attacks in future.

IoT devices still suffer from basic security vulnerabilities and it is precisely this lack of security that makes them so attractive to hackers. But it’s not just a password problem anymore. Attackers understand that manufacturers and users are waking up to the problem of passwords on IoT devices, and so are seeking more complex ways to access them. As this trend continues, and hackers become increasingly inventive when searching for new devices and ways to enlist them, there is really no limit to the size and scale of future DDoS attacks driven by IoT botnets.

After all, any device that has an Internet connection and a processor can be exploited. In an ideal world, all devices should be forced to go through some sort of network configuration before being used, rather than being exploitable from a default position.

Digital enterprises can protect their networks from DDoS attacks fuelled by IoT-driven botnets by deploying a real-time, automated solution at the network edge, which can instantaneously detect and mitigate DDoS activity and prevent threats from entering a network. As with all DDoS threats, clear visibility is a crucial step in detecting and defending against attacks.
