11 Jan Thingbots – the Rise and the Risk to IoT Device Security
What are Thingbots?
To understand Thingbots, we must first understand the concept of a botnet. A botnet is a group of connected computers that have been contaminated via malicious software that enables cybercriminals to penetrate and control those computers.
In most cases, people do not realize that their computers have been hacked and added to a botnet network. If you replaced botnet computers with internet of things (IoT) devices such as smartwatches, medical devices, smart alarms, and other similar devices, you end up being a part of the botnet that only contains IoT devices; this is known as a Thingbot.
The Rise and Risk of Thingbots
While Distributed Denial-of-Service (DDoS) attacks remain the most utilized attack method, hackers use botnets to carry out repetitive attacks that jeopardize IoT Device Security. These attacks include cryptojacking, data theft, spamming, illicit control of devices, and more.
Just one insecure IoT device may allow cybercriminals to infect it with malware and allow them to get into your router and compromise any device connected to your network. When you consider the quantity and types of devices on your local network – your smartphone, computer, smartwatch, etc. – and how much of your private data is stored on these devices, it’s very frightening to imagine that all that data could be stolen and used for destructive purposes.
Preventing an IoT Thingbot Attack
While IoT devices have made our lives simpler, smarter, and more fun, they also contain many services that make them much more vulnerable to cyber-attack. Consequently, IoT device security should be a top priority when designing, deploying, and managing IoT devices. Security measures should be implemented and validated throughout the entire device design lifecycle. Shortcutting the security aspect of device design is one of the biggest IoT security issues that we face today.
Protecting an IoT ecosystem from Thingbot attack requires implementation of measures to safeguard against the most common areas of device exploitation. Those would include the following:
- As a minimum, use Network Address Translation (NAT) if your IoT devices are being used within an office environment. Disable remote administration or set behind a firewall.
- If possible, change the merchant default credentials and disable the default administrator account.
- Regularly update your IoT devices with the freshest firmware as it becomes available.
- Configure firewalls to pass traffic from trusted IP addresses and disable port forwarding.
As IoT ecosystems continue to grow in size and complexity it will become increasingly critical to take all available proactive measure to protect your investments from today’s sophisticated cybercriminals.
Check out a previous article Keeping Your IoT Environment Safe from Cybercriminals for more tips on how to improve your IoT device security.