Thingbots: The Emerging IoT Threat

Started by deanwebb, September 14, 2017, 09:45:39 AM

Previous topic - Next topic

deanwebb

https://f5.com/labs/articles/threat-intelligence/ddos/the-hunt-for-iot-the-rise-of-thingbots

Me to all the IoT fanboys from 4 years ago: "Told you so."  :smug:

Me looking at all the IoT stuff out there, anyway:

:facepalm3:

Here's the Executive Summary:

QuoteExecutive Summary

The Internet of Things (IoT) and, specifically, the hunt for exploitable IoT devices by attackers, has been a primary area of research for F5 Labs for over a year now—and with good reason. IoT devices are becoming the "cyberweapon delivery system of choice" by today's botnet-building attackers. And, why not? There are literally billions of them in the world, most of which are readily accessible (via Telnet) and easily hacked (due to lack of security controls). Why would attackers rent expensive resources in hosting environments to build their botnets when so many devices are "free" for the taking?

Across all of our research, every indication is that today's botnets, or "thingbots" (built exclusively from IoT devices) will become the infrastructure for a future darknet.*

In our third semi-annual report on this topic, we continue to track Telnet attack activity and, through a series of global maps showing infected systems, we track the progression of Mirai, as well as a new thingbot called Persirai. We also include a list of the administrative credentials attackers most frequently use when launching brute force attacks against IoT devices.

Did you see that part about Telnet? TELNET???

:developers:
Take a baseball bat and trash all the routers, shout out "IT'S A NETWORK PROBLEM NOW, SUCKERS!" and then peel out of the parking lot in your Ferrari.
"The world could perish if people only worked on things that were easy to handle." -- Vladimir Savchenko
Вопросы есть? Вопросов нет! | BCEB: Belkin Certified Expert Baffler | "Plan B is Plan A with an element of panic." -- John Clarke
Accounting is architecture, remember that!
Air gaps are high-latency Internet connections.