Why your site could be taken down by some fridges

--Originally published at tc2027 – Ce qui est chouette

This post’s topic will be IoT botnets.

Internet of Things

Starting with the basics, IoT (Internet of Things) refers to the concept of tangible devices—fridges, cars, security cameras—being hooked up with wires, electronics—sensors—and software and having access to a network to communicate with one another, broadcast data to other. In IoT, these intelligent fridges are called a Thing; that is a device with an IP address and the ability to transmit data over a network.

OMFG! It’s the EVIL FRIDGE! by Fabio on Flickr under a CC License.

What is a Botnet?

Any device that has been hijacked is called zombie or bot; an IoT Thing that has been taken over is then called a Thingbot—honestly, I think they messed up, zombie horde sounds way cooler than Botnet. Anyway, a Botnet is a distributed network made up of many of these IoT Things, that have been hijacked—by malware—to relay messages on command.

The bot part of the Botnet connects to a control center, usually just an encrypted chat room or a bot-exclusive chat room. At any moment the owner of the botnet can access the control server and ask its members to do stuff, like dance or destroy humanity. These botnets can be used perform distributed attacks, like DDoS; to steal data; to redistribe the malware that infected them, becoming the thing they swore to destroy in the first place—I trusted you . . . you were my brother, Anakin; generate bitcoins; or simply download and run a file. An example of a Botnet malware is Mirai.

How can I protect my Thing from becoming a Zombie?

Upgrade its firmware and secure access to it with smart user-and-password combos.

– Totally not a Botnet.

IT Security Guru. (January 21, 2014). The Internet of Things – Thingbot. On Continue reading "Why your site could be taken down by some fridges"