The integration of internet-of-things technologies into enterprise workflows is growing more profound by the day, with companies across the world hoping to make their operations more efficient, intuitive and cost-effective. For many organizations, the deployment of IoT devices has posed significant challenges in terms of planning, maintenance and security. These implementation barriers, however, have not slowed down the rate of adoption - a 2018 survey from Deloitte found that 94% of executives believe digital transformation is a top strategic priority, and IoT is often a part of this process. But to harness the full potential of emerging business tech, enterprises must carefully consider the risks posed by IoT devices, both secured and unsecured.
What is an IoT botnet?
While many IT professionals are acutely aware of the risks posed by malware, phishing scams and brute-force attacks, botnets are often lower on the list of possible threat vectors. According to the cybersecurity firm Trend Micro, a botnet is a network of compromised computers and internet-connected devices that are under the control of an unauthorized user or cybercriminal. In most cases, these computing devices are infected with a special form of malware that gives hostile actors completely control over how they operate (along with any data being transmitted). Utilizing remote execution strategies, hackers can coordinate large-scale DDoS attacks, establish crypto-mining operations and interrupt the flow of critical information.
To better understand how cybercriminals leverage botnets, and the frequency of such attacks, IT experts often create "honeypots" - computer systems that mimic likely enterprise targets - that act as lightning rods for malicious actors. Between Jan. and July 2018, Kaspersky Labs registered more than 12 million attacks on their honeypots from 86,560 unique IP addresses. The most common infection vectors were Telnet passwords (75.40%) and SSH (11.59%), though other, more advanced methods were used in 13.01% of cases. Considering the potential financial and reputational damage that can be caused by a serious botnet attack, enterprises must take precautions to insulate their networks from these types of threats.
Learning from past botnet attacks
One of the surest ways to assess an organization's level of risk is to understand previous botnet attacks, particularly those that lead to major business interruptions. Generally speaking, cyberattacks on IoT devices have increased by around 300% in 2019 alone, according to research from F-Secure. This trend is largely the result of lackluster or absent device-level security protocols and a lack of awareness on the part of IT administrators. Most IoT devices do have any protective firmware or cybersecurity features built in by manufacturers, which leaves them highly vulnerable to targeted attacks. Here are a few of the most high-profile botnet incidents that have occurred over the past decade:
One reason these types of cyber attacks are so troubling is that, even after a botnet has been mitigated, the malware that created it is usually still out in the wild. For example, while Mirai wreaked havoc back in 2016, new strains have surfaced that are more complex and resilient, ZDNet reported. As such, any enterprise network security plan must account for the possibility of repeat attacks.
To remain adaptable in the face of both existing and emerging cyber threats, enterprises must ensure their network infrastructure is secure, reliable and flexible. Perle offers robust networking equipment such as Ethernet switches and serial-to-Ethernet converters that can keep your organization running at peak efficiency. Read some of our customers' success stories to learn more.
|Error processing SSI file