If you are technically inclined or even just paying attention to the latest round cybersecurity threats then you have heard of BotNets. BotNets are normally made up of IoT devices like home routers and IP video cameras and hackers normally sell the usage of this BotNet to other hackers looking to stay anonymous. Many of these consumer-grade devices use default passwords to help end users set them up without any problems. Hackers know that most people will never change the default admin password so they write malware code to scan the internet for devices to turn into a BotNet. One such malware program is called Mirai. Mirai was responsible for taking down a large number of major websites in 2016. Most devices that were infected by Mirai remain infected to this day, but even the IoT devices that were patched are still susceptible to the new variants of Mirai. A variant is a malware that uses a modified version of an older malware’s source code. FortiGuard Labs has found one variant that may be worse than the original Mirai version. This new version dubbed OMG because of the letter OMG found in the source code now has the ability to turn the infected device into a proxy server. Proxy servers allow hackers to look like they are coming from a different location and IP then they actually are. This anonymity comes at a price. Since hackers are willing to pay for the privilege of using a BotNet the demand for new IoT victims increases. Thus, driving the number of variants up and the potential for another large-scale cyber attack.
What do you think can be done to improve the security of IoT devices? Should the manufacturers be held responsible for BotNets?
No longer is it the role of IT to bring in the latest and greatest technology in the most cost effective way. IT management and the role of IT has started to become “Strategy-Oriented, Collaborative and more business Aware.” (Morgan, Jacob Inc. Aug 29, 2017) IT used to be a group of tech enthusiasts who kept the servers running in a basement data center, out of sight from the rest of the business. Today the role of IT has expended into every single business unit in the company. The IT management team is involved in almost all company projects and help make integral decisions on what new technologies to bring in and offer support to the business units on how to use existing data. Social Media has now become a business need versus a business want. Many IT departments have dedicated employees just to handle the day-to-day social media needs of each business unit. IT is becoming globally aware. IT employees have to keep an eye on growing trends and technology is constantly changing. Large on premise data centers are slowly being outsources to cloud companies such as Amazon AWS and Microsoft Azure. Everyone in IT now shares the responsibility of keeping data and IP secure to reduce the threat of being hacked.