Over the past few years, the growth and advances in internet technology have transformed how people and businesses interact with each other. It seems that every device has internet capabilities, from cameras and light bulbs to cars and routers. These connected devices and appliances have come to be known as the Internet of Things (IoT).
IoT devices are designed to collect, exchange and process information over the internet to supply their users with access to a wide array of information and services. There will be an estimated 20.4 billion IoT-connected components worldwide by 2020, and more than half of major new business systems and processes will include an IoT component.
With billions of devices connected to the internet, many of which have a tremendous impact on business processes, security is a major concern. In late 2016, we experienced Mirai, the infamous Internet-of-Things botnet that took down major websites with massive distributed denial-of-service attacks launched from hundreds of thousands of compromised IoT devices.
Mirai first became active on August 1st, 2016. It was a self-propagating worm, which is a program that replicates itself in order to find, attack, and infect various IoT devices. The infected devices are then controlled by a central server, which tells the devices where to attack next. The system itself was made up of two key components: a replication module and an attack module.
The replication module was responsible for growing the overall botnet by attacking and taking over as many IoT devices as possible. It would do so by scanning the internet for vulnerable targets, and would take over the devices by using a fixed set of well-known default login and password combinations for different IoT devices. Those devices varied from routers to security cameras, and totalled over 600,000 devices.
The attack module was used to carry out Distributed Denial of Service (DDoS) attacks against certain targets by way of the hacked IoT devices. A DDoS attack is an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources. Through various techniques, this module was able to perform multiple high-volume attacks on several different servers.
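One way a defender can spot the replication module's scanning on their own network, as an added example that is not part of the original article: flag internal devices whose outbound connection attempts fan out to many different hosts on the Telnet ports (23 and 2323) that Mirai's scanner is known to probe. The log format, addresses, LAN range and threshold are constructed assumptions.

```python
import ipaddress
from collections import defaultdict

TELNET_PORTS = {23, 2323}      # Telnet ports Mirai's scanner is known to probe
LOCAL_NET = ipaddress.ip_network("192.168.0.0/16")  # assumption: your LAN range
FANOUT_THRESHOLD = 5           # assumption: distinct targets per window; tune it

# Constructed log, one attempt per line: "epoch src dst dst_port tcp_flag"
SAMPLE_LOG = "\n".join(
    # a camera probing eight different internet hosts within eight seconds
    [f"{1000 + i} 192.168.1.50 203.0.113.{10 + i} {2323 if i % 4 == 0 else 23} SYN"
     for i in range(8)]
    + ["1003 192.168.1.10 198.51.100.7 443 SYN",   # laptop browsing
       "1010 192.168.1.10 198.51.100.9 23 SYN",    # one Telnet session, not a scan
       "1015 192.168.1.20 192.168.1.1 23 SYN",     # stays inside the LAN
       "garbled line"]
)


def find_scanners(log_text, window=60, threshold=FANOUT_THRESHOLD):
    """Map each internal source to its largest per-window count of distinct
    external hosts contacted on Telnet ports, keeping those at or above threshold."""
    targets = defaultdict(set)  # (source, window index) -> distinct destinations
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5:
            continue  # malformed line
        try:
            ts, port = int(fields[0]), int(fields[3])
            src, dst = ipaddress.ip_address(fields[1]), ipaddress.ip_address(fields[2])
        except ValueError:
            continue
        if fields[4] != "SYN" or port not in TELNET_PORTS:
            continue
        if src not in LOCAL_NET or dst in LOCAL_NET:
            continue  # only outbound attempts from our own devices
        targets[(str(src), ts // window)].add(str(dst))
    flagged = {}
    for (src, _), dsts in targets.items():
        if len(dsts) >= threshold:
            flagged[src] = max(flagged.get(src, 0), len(dsts))
    return flagged
```

A device that appears in the result is worth isolating and resetting; a single Telnet session from an administrator's machine stays under the threshold.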
The first high-profile attack was on OVH, one of the largest European hosting providers. OVH reported that the attacks were targeting Minecraft gaming servers and were carried out by more than 145,000 IoT devices. The attack lasted about a week and involved large, intermittent bursts of DDoS traffic to undisclosed targets.
The second attack that Mirai launched was against Brian Krebs and his site, Krebs on Security. He is a well-known cyber-crime journalist, and his site has been targeted several times by various criminal attacks. The Mirai attack was by far the largest he had ever faced, and it even forced him to move his site to another service provider.
The Mirai attacks are the largest ever recorded, and have since inspired copycat hackers after the source code was released in September of 2017. Cyber security will continue to be a focal point for people and businesses for years to come, so it’s crucial that appropriate measures are taken to secure their devices and servers.
Below are a few of the ways you can better secure your IoT devices against malware and ensure that your data and privacy are safeguarded.
Do Your Research
Before purchasing an IoT device, be sure to research not only the device itself but the manufacturer as well. You want to be sure that they take cybersecurity seriously. If they do, they will likely provide timely security updates to ensure that their devices are up to date and have the ability to protect themselves against new malware and security threats.
Secure Your Device
As seen in this experiment, an IoT device that has not been properly secured can be infected within minutes of connecting to the internet. Before putting it to use, it’s imperative that you take precautionary measures to ensure your device and data are secured. Check the manufacturer’s website and download any new security patches. Change the default password to something unique to each device and make it difficult to guess. Avoid connecting your devices directly to the internet by keeping them behind a firewall. All of these simple precautions will allow you to create a much stronger front against cyber attacks.
Monitor Device “Capabilities”
According to the U.S. Department of Justice’s Consumer Technology Association, some of the built-in capabilities that devices offer can actually make them harder to secure. Although they are meant for convenience, the negatives greatly outweigh the positives when it comes to these features.
The first is Peer-to-Peer (P2P) capability. This configuration allows devices to constantly find ways to connect to a global, shared network so that people can access them remotely. Research has shown that these devices can be easily reached through a firewall and are extremely difficult to secure, so try to avoid devices that advertise this capability.
The second is Universal Plug and Play (UPnP). UPnP allows devices to connect to a “known network” of devices which automatically “learn” each other. Each device announces itself on the network and, through discovery and “protocol negotiation,” the devices can interact with each other from different locations. Although it makes it easier to connect devices, the UPnP network is a poorly secured doorway that hackers can use to infiltrate your network and device.
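To see which of your own devices announce themselves over UPnP, the following added example (not part of the original article) parses SSDP announcements, the discovery messages UPnP devices multicast on UDP port 1900, and builds an inventory of what to review or switch off. The capture, addresses and product names are constructed; the port-mapping flag relies on InternetGatewayDevice being the UPnP device type that offers port mapping.

```python
from urllib.parse import urlsplit

# Constructed capture of SSDP announcements (UDP port 1900), blank-line separated.
CAPTURE = """\
NOTIFY * HTTP/1.1
HOST: 239.255.255.250:1900
LOCATION: http://192.168.1.1:5000/rootDesc.xml
NT: urn:schemas-upnp-org:device:InternetGatewayDevice:1
NTS: ssdp:alive
SERVER: ExampleRouterOS/1.0 UPnP/1.1 ExampleIGD/2.0

NOTIFY * HTTP/1.1
HOST: 239.255.255.250:1900
Location: http://192.168.1.50:49152/desc.xml
NT: urn:schemas-upnp-org:device:Basic:1
NTS: ssdp:alive
Server: Linux/3.10 UPnP/1.0 ExampleCam/1.2

NOTIFY * HTTP/1.1
HOST: 239.255.255.250:1900
NT: urn:schemas-upnp-org:device:MediaRenderer:1
NTS: ssdp:byebye
"""


def parse_announcement(raw):
    """Return the headers of one NOTIFY message (names upper-cased), or None."""
    lines = raw.strip().splitlines()
    if not lines or not lines[0].startswith("NOTIFY "):
        return None
    pairs = (line.partition(":") for line in lines[1:])
    return {name.strip().upper(): value.strip() for name, sep, value in pairs if sep}


def upnp_inventory(capture):
    """Map each announcing host to its SERVER string and advertised device types."""
    devices = {}
    for raw in capture.split("\n\n"):
        h = parse_announcement(raw)
        if not h or h.get("NTS") != "ssdp:alive" or "LOCATION" not in h:
            continue  # ignore byebye notices and messages without a description URL
        host = urlsplit(h["LOCATION"]).hostname
        dev = devices.setdefault(host, {"server": h.get("SERVER", "unknown"),
                                        "types": set(), "port_mapping": False})
        dev["types"].add(h.get("NT", ""))
        dev["port_mapping"] |= "InternetGatewayDevice" in h.get("NT", "")
    return devices
```

Any host in the inventory has UPnP enabled; a router flagged with `port_mapping` is the one whose UPnP setting decides whether devices can open ports through the firewall on their own.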
Segment Your Networks
Creating various networks will allow you to avoid a single point of failure, as one vulnerable IoT device can allow an intruder to penetrate your entire network and any other device connected to that network.
Along with creating unique and complex passwords for each router and device, consider “segmenting” your network so that IoT devices cannot access the entire network. For example, one network may be set up for computers and printers only, while the second network is reserved for mobile devices. Also, consider the use of a “guest” network to prevent visitors from accessing and infecting your devices with malware.
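Segmentation only helps if the rules between the networks actually block what they should. This added example (not part of the original article) models a first-match firewall policy between three segments and lists the connections that slip through; the segment names, subnets and rules are constructed assumptions, and it also shows how one broad "allow" rule placed first undoes the separation.

```python
import ipaddress

# Constructed segments in the spirit of the layout above (subnets are assumptions).
SEGMENTS = {"computers": "192.168.10.0/24",
            "iot": "192.168.20.0/24",
            "guest": "192.168.30.0/24"}

# Constructed policy, read top to bottom; the first matching rule decides.
GOOD_RULES = [
    ("allow", "computers", "iot"),    # admins may reach devices to manage them
    ("deny", "iot", "computers"),
    ("deny", "guest", "computers"),
    ("deny", "guest", "iot"),
    ("allow", "any", "internet"),     # everyone may still reach the internet
]
# The same policy with a convenience rule added in front of it.
BAD_RULES = [("allow", "any", "any")] + GOOD_RULES

# New connections that must never be permitted if segmentation works.
MUST_BLOCK = [("192.168.20.50", "192.168.10.5"),   # camera -> laptop
              ("192.168.30.7", "192.168.20.50"),   # visitor -> camera
              ("192.168.30.7", "192.168.10.5")]    # visitor -> laptop


def segment_of(ip):
    """Name of the segment an address belongs to, or "internet"."""
    addr = ipaddress.ip_address(ip)
    for name, cidr in SEGMENTS.items():
        if addr in ipaddress.ip_network(cidr):
            return name
    return "internet"


def decide(rules, src_ip, dst_ip, default="deny"):
    """Action of the first rule matching this new connection."""
    src, dst = segment_of(src_ip), segment_of(dst_ip)
    for action, rule_src, rule_dst in rules:
        if rule_src in (src, "any") and rule_dst in (dst, "any"):
            return action
    return default


def segmentation_gaps(rules):
    """Connections from MUST_BLOCK that the policy would let through."""
    return [(s, d) for s, d in MUST_BLOCK if decide(rules, s, d) != "deny"]
```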
Monitor and Update the Firmware
Each IoT device has embedded software known as “firmware,” which can be vulnerable if not updated and patched regularly. Many manufacturers offer automated firmware updates, so be sure to check their website and register your devices to install them automatically.
Mark Hurd, CEO of Oracle, recently pointed out that manufacturers and companies have the patches and firmware in place to protect against these attacks. “Consider the fact that 85% of security breaches take advantage of system vulnerabilities for which a patch was available for more than a year, but was not applied,” Hurd says. Even if the firmware updates are not automated, be sure to check periodically to ensure your devices are running the latest and most secure firmware.
Security of IoT devices will remain a priority for businesses and homes as they work to protect sensitive information from cyber attacks like Mirai. It’s imperative that the necessary measures are taken in order to prevent a security breach of any kind. If you are not fully comfortable installing, configuring and maintaining the security of these devices on your own, consult the necessary technical professionals to ensure everything is properly secured.