WTH is a Botnet and What Bad Does It Do?

Tags: IoT
Written by
Andres Robam

A botnet is a network of computers, all infected with the same malware, which enables the attacker to control them. That control is usually exercised through a command-and-control (C&C) server, but there are also some peer-to-peer (P2P) botnets. Botnets are often used to perform distributed denial-of-service (DDoS) attacks, send spam and infect other devices to grow the botnet.

Botnets can be a source of income for hackers, as they are usually rented out for large fees to perform DDoS attacks on specific companies in order to disrupt their online services. Botnets can also be used to make money through click fraud, e-mail spam, selling personal information gathered from the infected computers or even Bitcoin mining. Botnets vary in size, but some of the largest have had more than 10,000,000 devices.

How it relates to IoT

There are a lot of internet-connected household electronic devices that are susceptible to infection by a botnet. This is due to multiple factors, the biggest of which is lack of security. A large number of connected devices that people have bought over the years either have no security whatsoever (no login required to access the device) or have a factory-set username and password combination. This means that all a botnet needs is a set of default username and password combinations to try when attempting to access a device.

The most common types of internet-connected devices that are part of a botnet are remote cameras and home routers, but any poorly secured device can be easily infected.

What can you do about it?

If you are a manufacturer of IoT devices, make sure your device requires a password for access. That password should not be a factory default, but a unique, randomly generated password for each device. Carry out research on how vulnerable your devices are and, if possible, patch any security holes and tell your customers to always use the latest firmware.
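As an added illustration (not 1oT's or any manufacturer's own code), this is one way a factory provisioning step could give every device its own random password. The function names, the serial number format and the choice of PBKDF2 with 100,000 rounds are assumptions made for the example.

```python
import hashlib
import hmac
import secrets

# Alphabet without look-alike characters (0/O, 1/l/I) so the password can be
# printed on the device label and typed by hand without mistakes.
ALPHABET = "abcdefghijkmnopqrstuvwxyzABCDEFGHJKLMNPQRSTUVWXYZ23456789"
PASSWORD_LENGTH = 16      # 16 symbols from 57 is roughly 93 bits of entropy
PBKDF2_ROUNDS = 100_000   # assumed work factor; tune to the device's CPU


def generate_password(length=PASSWORD_LENGTH):
    """Draw each character from the OS CSPRNG, never from the serial or MAC."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))


def hash_password(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)


def provision(serials):
    """Return (labels, records) for a batch of device serial numbers.

    labels:  serial -> plaintext password, sent only to the label printer
    records: serial -> salt and hash, the only form flashed onto the device
    """
    labels, records = {}, {}
    for serial in serials:
        password = generate_password()
        salt = secrets.token_bytes(16)  # per-device salt
        labels[serial] = password
        records[serial] = {"salt": salt, "hash": hash_password(password, salt)}
    if len(set(labels.values())) != len(labels):
        raise RuntimeError("duplicate password in batch, regenerate")
    return labels, records


def verify(record, attempt):
    """Device-side login check with a constant-time comparison."""
    candidate = hash_password(attempt, record["salt"])
    return hmac.compare_digest(candidate, record["hash"])


if __name__ == "__main__":
    labels, records = provision(["SN-0001", "SN-0002"])  # constructed serials
    print(verify(records["SN-0001"], labels["SN-0001"]))  # own password
    print(verify(records["SN-0001"], labels["SN-0002"]))  # another device's
```

Because each password comes from the random generator rather than from the serial number or MAC address, learning one device's password reveals nothing about any other device in the batch.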

For example, using the 1oT Terminal to manage your IoT devices' cellular connectivity, you can track any erratic behaviour and even set up notifications that will alert you immediately once a device seems to use more data than it should or acts abnormally. We are constantly building new features for remote device diagnostics.

If you are a user of IoT devices, make sure you change the password pre-set by the manufacturer and try to limit access to only those who need it (by using a firewall, for example). Always keep the device's software up to date and watch for abnormal behaviour, e.g. the device has become unusually slow or is using more bandwidth than before. In such cases, the first actions should be disconnecting the device from the network and consulting a specialist for further action.

Future challenges

The IoT market is growing rapidly and the number of internet-connected devices that people will have in their homes in the near future has caused a growing concern among security specialists. The Federal Trade Commission (FTC) even announced an IoT security challenge, where you can win up to $25,000 by offering a solution to the problem of keeping IoT devices secure.

An IoT botnet called Mirai has already been used to stage some large-scale cyberattacks, one of which disrupted some major internet services (you can read more about it in an article about one of the latest DDoS attacks). It is certain that attacks originating from IoT devices are only going to grow in size in the near future.

For more information please contact our team at hello[at]1oT.mobi.