Botnets pose a threat to the IoT ecosystem
The rise in DDoS attacks based on IoT botnets is new, it wasn’t unexpected and the connected technology already plays a dominant role in our daily lives. From mobile phones to tablet PCs, smart devices allow us to communicate with friends and family, keep up to date with what is happening in the world.
With the rising everything connected concept is growing rapidly, it will transform our personal and working lives in a multitude of ways, they are inviting the security risk – attackers are hijacking these devices and turning them into internet of things botnets. The internet of things (IoT) will mark the next major revolution for mankind.
About the internet of things (IoT), it is a system of interrelated computing devices, mechanical and digital machines, objects, animals or people that are provided with unique identifiers and the ability to transfer data over a network without requiring human-to-human or human-to-computer interaction.
As there will be 31 billion devices connected to the internet by 2025, and Gartner predicts that the average family home will have 500 smart devices by 2022. Meanwhile, IDC claims that spending on the IoT will reach $745bn in 2019.
Hackers are increasingly exploiting connected devices to harvest sensitive data, send spam, take control of networks and launch cyber attacks around the world. Botnet attacks have become commonplace, with CenturyLink Threat Research Lab estimating that 195,000 such attacks take place every day and Accenture putting the average cost at $390,752.
Botnets are always advancing and 451 Research IoT analyst Ian Hughes believes botnets are a prevalent security risk because they are always changing. He says that over the past few years, many forms of botnet have been created in line with the evolution of the technology industry and with advances in software engineering.
“Pre-cloud, the target would be viral infection on PCs through installation of patches to programs, usually accidentally by the user,” says Hughes. “With the increase in connectivity, and the use of the internet and the web in a cloud era, the options for nefarious code to be run on machines increased.
“Not only did the technology introduce more potential holes, but the ability for individual and groups to share information with one another, such as code, made weaknesses in systems much more well-known and as more devices connect to the internet, this challenge will only grow, says Hughes. “We have an increasing number of devices with relatively cheap compute power on board, all connected to the internet and able to run any form of software, and be managed remotely,” he says.
To tackle botnets, Hughes says all networks and all devices need not only high levels of security monitoring and regular updates, but also known levels of trust within a system. “These levels of trust are starting to be built upwards from the chip manufacturers as well as the device and software industry,” he says. “Of course, it only takes one release of a product at any level cutting some corners to get to market, to leave something wide open for hackers.”
Given the regulatory challenges and continued rise in the number of connected devices, botnet attacks are likely to keep increasing.
The threat of botnets will only increase as the connected ecosystem rapidly expands and new connected technologies enter the market and while attackers will continue to find new ways to take control of networks and leverage botnets, there are clear ways in which IT practitioners and organisations can mitigate the risk here – most notably the issue of improving weak security mechanisms. It may be that attackers are often one step ahead, but by being more proactive, security teams can also leapfrog ahead on occasions.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.