Cybersecurity Expert: IoT Botnets are the Trojan Horse of the 21st Century

The sweeping and unprecedented cyberattack that occurred on October 21, 2016, draws parallels with the giant horse filled with Greek soldiers that was presented to the Trojans as a peace offering some 3,000 years ago.

Scott Schober, a cybersecurity expert and author, has offered his take on why the recent IoT-based DDoS attack that inundated DNS provider Dyn is the perfect example of a Trojan horse in today’s technological age.

The Mirai malware, code that infected thousands of vulnerable IoT devices around the world, was instrumental in launching last month’s unprecedented cyberattacks. Schober refers to these devices as ‘generally dumb’ since they are restricted to a few basic tasks and are nowhere near as significant as the smartphones or computers in common use. However, put them all together to carry out a single task, like focusing their connections on a single DNS provider, and the whole world can be found sweating.

Many of these infected devices are, to this day, still under Mirai’s control and can be manipulated to launch another DDoS attack when the order is given. “Dumb” devices include CCTV cameras, routers and DVRs, among others.

Schober writes:

Just like those hidden soldiers in the Trojan horse, when those orders are given, they break their secrecy and attack. Mirai attacks by ordering all devices under its control to make multiple IP access requests to targeted servers.

Overwhelmed by all these simultaneous requests, these servers are forced to ignore legitimate traffic and eventually shut down altogether.

The cybersecurity veteran points to Russia-based developers of the code from the first Mirai attack, which was focused on notable cybersecurity reporter and expert Brian Krebs. Russian phrases such as “я люблю куриные наггетсы,” which translates to “I love chicken nuggets,” were found embedded within the code of the Mirai botnet malware.

Curing the Mirai Sickness

Botnets of infected IoT devices are still prevalent, and manufacturers and owners have, by and large, ignored the gaping cybersecurity hole that opens when devices are left unattended without software or firmware updates. One Chinese manufacturer that is responsible for millions of these IoT devices has, somewhat surprisingly, issued a recall of these devices. However, millions more remain in the wild and are still vulnerable.

Schober offers his advice on how to curb the growing problem of IoT vulnerabilities, starting with you, the owner of a CCTV camera or a DVR.

He writes:

  1. Unplug/disable all IoT devices you are not using. Round ‘em up and shut ‘em down.
  2. If you need to keep the device powered, make sure it has a long and unique password and does not use any default passwords. And while you’re at it, create a unique password for every device in question.
  3. Avoid purchasing future IoT devices from shady companies that do not have a track record of updating their firmware with security patches. If you’ve never heard of the company, that $20 you’re saving isn’t worth it.

 Image credit: Pixabay.