November 4, 2016 by

Cybersecurity Expert: IoT Botnets are the Trojan Horse of the 21st Century

The sweeping and unprecedented cyberattack that occurred on October 21, 2016 draws parallels with the giant horse filled with Greek soldiers that was presented to the Trojans as a peace offering some 3,000 years ago.

Scott Schober, a cybersecurity expert and author, has offered his take on why the recent IoT-based DDoS attack that inundated DNS server Dyn is the perfect example of a Trojan horse in today’s technological age.

The Mirai malware, code that infected thousands of vulnerable IoT devices around the world, was instrumental in launching last month’s unprecedented cyberattacks. Schober refers to these devices as ‘generally dumb’ since they are restricted to a few basic tasks and are not nearly as significant as the smartphones or computers commonly used in the world. However, put them all together to carry out a single task, like focusing their connections on a single DNS provider, and the whole world can be found sweating.

Many of these infected devices are still under Mirai’s control to this day and can be manipulated to launch another DDoS attack when the order is given. “Dumb” devices include CCTV cameras, routers and DVRs, among others.

Schober writes:

Just like those hidden soldiers in the Trojan horse, when those orders are given, they break their secrecy and attack. Mirai attacks by ordering all devices under its control to make multiple IP access requests to targeted servers.

Overwhelmed by all these simultaneous requests, these servers are forced to ignore legitimate traffic and eventually shut down altogether.

The cybersecurity veteran points to Russia-based developers of the code from the first Mirai attack, which was focused on notable cybersecurity reporter and expert Brian Krebs. Russian phrases such as “я люблю куриные наггетсы,” which translates to “I love chicken nuggets”, were found embedded within the code of the Mirai botnet malware.

Curing the Mirai Sickness

The botnet of infected IoT devices is still prevalent, and their manufacturers and owners have, by and large, ignored the gaping cybersecurity hole that opens when devices are left unattended without any updates for their software or firmware. One Chinese manufacturer that is responsible for millions of these IoT devices has, somewhat surprisingly, issued a recall of these devices. However, millions more remain in the wild and are susceptible to vulnerabilities.

Schober offers his advice on how to curb the growing problem of IoT vulnerabilities, starting with you, the owner of a CCTV camera or a DVR.

He writes:

  1. Unplug/disable all IoT devices you are not using. Round ‘em up and shut ‘em down.
  2. If you need to keep the device powered, make sure it has a long and unique password and does not use any default passwords. And while you’re at it, create a unique password for every device in question.
  3. Avoid purchasing future IoT devices from shady companies that do not have a track record of updating their firmware with security patches. If you’ve never heard of the company, that $20 you’re saving isn’t worth it.

About the author

LIFARS is the global leader in Digital Forensics and Cyber Resiliency Services. Our experience spans two decades working on high profile events, often in concert with Law Enforcement Agencies around the world. Our proprietary methodology derives directly and indirectly from our experience working with and for U.S. Intelligence Agencies, Interpol, Europol, and NATO. We are solely dedicated to Cyber Resiliency and thus pay close attention to all aspects of our clients’ engagement experience while providing a strategic and integrated array of services to minimize risk and disruption while protecting your brand.