A huge BOTNET, called "Mirai" is using IOT ("Internet of Things") devices such as routers, cameras, and fridges to cause havoc on the Internet. Moreover, the hackers responsible for the Mirai botnet are now releasing the code publicly, allowing anyone with limited knowledge on scripting languages to wield massive power over this botnet network, which is nearly 1 million devices (and counting) at the time of writing this article.
What is a BOTNET?
A BOTNET is a collection of infected devices, that all talk back to a single "command and control" location to perform tasks. Hackers use vulnerable devices such as routers, network switches, IP cameras, connected appliances, or regular computers & servers and infect them with their source code. Once the code is installed and running, the hacker can then control the device to do their bidding, and the device in most cases still functions normally, making it harder for a IT person or security firm to detect the infection.
BOTNETs are used commonly for DDoS (Distributed Denial of Service) attacks, which, when large enough, can take down entire networks, internet providers, or large Internet backbones.
Why are they doing this?
Quite simply, for the money in most cases. With the advent of crypto currencies such as BitCoin, it is now very easy for a hacker to hide their tracks with regards to money transfers. In most cases a ransom is placed on the network, and a demand of a certain amount of BitCoin is requested. As BitCoin is virtually untraceable, it is easy for the hacker to receive the funds without a money trail, keeping them totally anonymous and very hard to track down.
How do I stop or prevent my equipment from being infected?
First of all, you need to ensure you are setting up your equipment with the proper security precautions in place. This means adequate passwords on all devices, and keeping most IOT devices behind a hardened firewall whenever possible. Also, devices such as a router have an operating system called a "firmware" in most cases. This firmware (software that is embedded on the device) needs to be kept up to date to maintain the latest security patches and bug fixes in the code for the device.
Lastly, even taking all the precautions above, you need to run regular security audits on your network, and network devices to determine the weak points and potential vulnerabilities. Most small business owners do not ever consider security as a #1 concern, and that mindset needs to change.
Our world is changing, and technology, while a huge benefit, needs to be maintained and secured to keep your business and it's crucial data safe. There are literally thousands of new exploits and threats discovered every single day, and you need a I.T. solution provider that will stay on top of these threats to protect your systems at all times.
For more information on security threats or to discuss a assessment of your network, feel free to contact our team at Reality Bytes anytime!