The Rise of IoT Botnets (And How to Protect Your Smart Devices)
Connecting all of your gadgets to the internet isn’t always a great idea. While the Internet of Things allows you to perform tasks remotely and monitor your devices from anywhere in the world, it also provides a way in for malicious hackers who want to use your devices for their own good.
In this article, we explore how the Internet of Things and smart home devices are being used to form a “digital army” that obeys the whims of hackers with malintent.
What Is a Botnet?
The concept of computers and devices being conscripted against a user’s will is nothing new. The technical term for it is a “botnet “, and the name explains it all. It’s a network of compromised devices that receive commands from a central server. When a command is sent out, the hacked devices carry it out without question and in unison—much like a swarm of robots.
The owner of a botnet wants to compromise as many devices as possible. More devices mean more processing power under their control, which makes the botnet stronger. Once enough devices have been gathered under a botnet, the owner has the power to perform website-crippling attacks or worse.
How Botnets Affect the Internet of Things
Due to the autonomous nature of a botnet, it’s not very picky about what devices it brings into its web. If a device has a consistent internet connection, a processor, and the ability to have malware installed on it, it can be used in a botnet.
Previously, this was limited to computers and mobile devices, as they were the only things that matched the criteria. With the spread of the Internet of Things, more and more devices are entering the pool of potential candidates for a botnet.
Even worse, with the Internet of Things still in its teething phase, security hasn’t been fully fleshed out yet. A good example of this is when a benevolent hacker gained access someone’s Nest home security system and talked to them through their own security cameras.
With IoT security being this lax, it’s no wonder that botnet developers are keen to capitalize on this new trend.
How Much Damage Can an IoT Botnet Do?
The Mirai Botnet
While IoT botnets are a new concept, the tech world has already witnessed some devastating attacks from them. We saw one such attack during late 2017, when the Mirai botnet rose in power. It scanned the internet for IoT devices, then tried 60 default usernames and passwords to gain access.
Once successful, the attack infected the compromised device with the Mirai botnet malware.
With its rapidly-forming army, Mirai began to attack sites around the internet. It did this by using its army to perform Direct Denial of Service (DDoS) attacks, swarming websites with connections from the devices on the botnet. The Krebs on Security site suffered a 620Gb/s attack, and Ars Technica came under siege from a 1Tb/s swarm.
Mirai is open source, which allowed eager botnet owners to make their own copycat variants of the malware.
The Torii Botnet
In late 2018, we saw a new contender; Torii. Unlike the other IoT botnets that used Mirai’s code, this one was its own strain. It used highly advanced code, able to infect a large majority of internet-connected devices. Torii hasn’t attacked anything just yet, but it may simply be amassing an army for a huge attack.
A study by Princeton demonstrated that IoT botnets may hold the power to take out power grids. The report describes a method of attack called “Manipulation of demand via IoT” (MadIoT), which acts similar to a DDoS attack but targets the power grid instead. Hackers could install botnets on high-power IoT devices, then enable them all at the same time to trigger a blackout.
What Other Threats Do Botnets Pose?
While collective processor power is very useful for performing DDoS attacks, it’s not the only thing botnets are capable of. Botnets specialize in any task that requires a lot of processing power. What those tasks consist of is decided by the person controlling the botnet.
If someone wants to run a spam email campaign, they can use the processing power of the botnet to send out millions of messages at once. They could direct all the bots to a website or advertisement to generate false traffic and earn some extra income. They could even command their botnet to install malware on itself, such as ransomware .
Some botnet owners may not even want to use what they create. Instead, they’ll aim to make a large and impressive network to sell on the dark net for a tidy profit. Some even rent out their botnets under a subscription service that’s not too different from renting a server!
Why It’s Difficult to Detect a Breach
The main issue with the IoT botnet is how silently it works. This isn’t a kind of malware that makes a drastic difference on how the compromised device works. It quietly installs itself and stays dormant until it’s called by the command server to perform an action.
People using the device may report that it’s “sluggish” or “acting slow”, but nothing will alert them that their smart camera is being used to stage a cyberattack!
As such, it’s totally normal for people to continue their daily lives without knowing their devices are part of a botnet. This makes it very hard to take down a botnet, as the people who own the devices don’t realize they’re a part of it.
Even worse, some botnets will install malware that persists through resets, so a power cycle won’t get rid of it.
How to Protect Your Smart Devices
If you’re a big fan of the Internet of Things, don’t fret too much! While this attack sounds scary, you can do your part to ensure your own devices aren’t added to a botnet.
Remember how the Mirai botnet gained access to devices by using 60 usernames and passwords? The only reason it could achieve this was due to people not setting up their devices correctly. If the username and password for your IoT devices is both “admin”, it will be compromised very quickly.
Be sure to log onto any devices with an account system and set up a unique, strong password.
Be sure to install security software on any device that allows it. This acts as an additional layer of defense that should catch the malware when it tries to spread onto your system. Can’t decide which antivirus software to use? Read our list of the top security and antivirus tools for inspiration.
Botnets can also spread via vulnerabilities in the device’s firmware. To stop this, always ensure your IoT gadgets have the latest version of their firmware installed. Also, only purchase brand new devices made by reputable and respected companies. That way, you know the device has gone through all the proper security checks before it enters your home.
More Ways to Keep Your Devices Safe
As more of our devices connect to the internet, botnet developers are keen to capitalize on this increase of targets. With Mirai and Torii demonstrating what IoT botnets can do, device security is very important. By buying reputable hardware and ensuring it’s set up correctly, your devices won’t be added to a digital army.
If you’d like to secure your smart home, be sure to read our tips for securing your devices .