The unpatched Windows XP problem that spawned the Blaster and Sasser worm a decade ago is being replicated on a different platform by hackers exploiting IoT devices to launch denial of service attacks.
Two Internet of Things-powered packet floods took down the websites of cybersecurity journalist Brian Krebs and French hosting provider OVH. The Mirai botnet used to take out Krebs’ website spread with a monster 620Gbps attack last month used 61 username and password combinations to attempt "brute-force" hacks into thousands of devices around the world.
The malware relied on factory kit makers’ default usernames and passwords to compromise vulnerable IoT devices such as insecure routers, IP cameras and more.
Fastly’s Director of Security Research, Jose Nazario, one of the leading experts on DDoS and network security, has quantified how long it might take to hack vulnerable devices.
On average, an IoT device is infected with malware and will launch an attack within six minutes of being exposed to the internet. IoT devices are probed for vulnerabilities 800 times per hour by attackers from across the globe. Every day there is an average of over 400 login attempts per device, an average of one attempt every five minutes and 66 per cent of them on average are successful, according to Nazario.
The Blaster and Sasser worm of 2003 and 2004, respectively, was brought to heel after Microsoft enable a firewall technology with Windows XP SP2. Something equivalent needs to happen with IoT kit if we’re to avoid a world of b-IoT-nets, or regular zombie botnets on steroids.
The technical know-how to resolve the problem is there but the financial incentives may be missing, warns to independent technologist and entrepreneur Ken Tindell.
“It's an economics problem. I did think it could be fixed with revenue but now I think the incentive is too weak,” Tindell concludes in a blog post on How Bitcoin might help fix the Internet of Things. ®