A year after the Mirai botnet used Internet of Things devices to launch a Distributed Denial of Service (DDoS) attack almost as twice as big as any similar attack that came before it, disrupting the firm that provides online infrastructure to Twitter, Amazon, Spotify, Netflix and other bastions of the web, there is a new IoT botnet to fear.
IoT_Reaper, also known as “the Reaper,” is a Linux bot targeting embedded devices like webcams and home router boxes. Somewhat loosely based on the Mirai source code, it utilizes at least ten vulnerabilities in IoT devices that have been identified between 2013 and now. All of these vulnerabilities have been patched by the vendors yet some reports suggest that there are millions of devices infected.
How is that possible? Vulnerability patches are only useful if the actual devices get updated. And the updates are not getting performed.
“Many IoT device vendors have little to no experience in building internet-connected devices,” Mikko Hypponen, F-Secure’s Chief Research Officer, and Tomi Tuominen, F-Secure’s Practice Leader, wrote in the F-Secure State of Cyber Security 2017. “They build IoT devices to be cheap and to work, but not to be secure.”
Likewise, many customers aren’t yet educated to understand that they may need to update the internet-connected things in their home the way the have their phones and PCs for years. We’re used to buying appliances that work for decades and trusting that manufacturers have designed them to work for their entire lifetime.
The IoT is changing everything. But manufacturers aren’t yet delivering devices built for the future and customers aren’t yet demanding them.
With the number of connected devices set to exceed 5 billion by the end of 2017 and then more than double by to 12.8 billion by 2020, a growing sea of vulnerable devices that could be exploited by a Reaper-like botnet is swelling by millions of devices every day.
Reaper could be used for a DDoS attack, but that’s not the only option. “A global network of millions of hacked IoT devices can be used for a variety of purposes,” wrote security blogger Brian Krebs, whose site was taken offline by the Mirai attack.
These vulnerable devices could also used to cloak criminal activity, relay spam or even allow hackers a chance to exploit devices in our networks that could potentially even be used to spy on us. Until manufacturers or regulators begin to take steps to contain these threats, consumers will have to take that responsibility on themselves.
But what kind of protection do you need for a thermostat or a “smart” toaster?
“Trust me, you will never run an antivirus on your toaster,” Mikko tweeted.
Instead you need a solution that secures every connected thing in your home. F-Secure SENSE protects everything from baby monitors to thermostats to refrigerators to PCs to smartphones with a combination of a security router, an advanced security app and industry-leading cloud protection.
The SENSE router – together with the SENSE app – protects every connected thing in your home as well as your mobile devices on the go. It uses cutting-edge technologies such as artificial intelligence and machine learning to protect all incoming and outgoing network traffic in your home. SENSE also automatically updates itself whenever a new feature is released or a patch is available for a vulnerability like KRACK that threatens all modern WiFi networks.
Should you fear the Reaper? Only if you’re one of the people who doesn’t prepare for threats everyone should see coming by now.
PLEASE NOTE: This post is being updated. F-Secure researchers have found that global hotel chains…
April 25, 2018