What are IoT Botnets?
IoT. With the rising number of Internet of Things (IoT) devices, there is a concurrent rise in IoT botnet threats from cyberattackers. IoT refers to the interconnection and communication between internet-enabled physical devices. The growth of such devices has been explosive, as smart devices such as wearables, sensors, phones, cars, appliances, cameras, and household gadgets are becoming increasingly prevalent in more and more aspects of daily living. The total installed base of IoT connected devices worldwide is projected to amount to a staggering 30.9 billion units by 2025 [1]. While these devices may serve to add convenience and entertainment to our lives, this paradigm shift has also added plentiful concerns for security, privacy, and the protection of resources. The proliferation of these devices has outpaced the security science, leaving organizations and individuals vulnerable, as they lack formal guidance on securing these systems, and best practices have not yet been established.
Botnet. The term “botnet” is a portmanteau of the words “robot” and “network.” Botnets are networks of hijacked computer devices used by cyberattackers to carry out their cyberattacks. A botnet is controlled by a “bot herder” who operates the botnet infrastructure and uses the hijacked computers to launch cyberattacks that are designed to crash a target’s network, inject malware, harvest credentials, or execute other intensive computer-related tasks. Each individual device within the botnet is referred to as a “zombie computer” or “bot.” These botnet devices operate under the commands of the bot herder, and without the consent of the device owners.
IoT botnet. An IoT botnet is a network of IoT devices that is controlled by a bot herder with malicious intentions such as attempting distributed denial-of-service (DDoS) attacks, data exfiltration, data destruction, spam deployment, and accessing devices and their connections across the network. IoT botnets spread as infected devices look to recruit other vulnerable IoT devices, creating a large network that can execute attack commands from the bot herder.
It is difficult to detect IoT botnets, so prevention is critical. The following recommendations may help to prevent your IoT devices from being recruited into an IoT botnet:
- Use a web application firewall to monitor incoming and outgoing traffic on your network. Next-gen web application firewalls can block malicious bots from specific IP addresses while allowing legitimate bot traffic through.
- Keep IoT devices on protected networks.
- Perform continuous security testing on IoT devices.
- Monitor login attempts and take note of unusually high numbers of attempts.
- Use strong passwords.
- Manage vulnerabilities and apply patches as soon as possible.
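
One way to act on the login-monitoring recommendation above, as an added example that is not part of the original article: a sliding-window check that flags a source with many failed logins in a short time, and separately flags a successful login that follows such a burst. The log format, threshold, window, device names and sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed log format (hypothetical): "<UTC time> <device> login: FAILED|OK user=<u> src=<ip>"
LINE_RE = re.compile(r"(?P<ts>\S+) (?P<device>\S+) login: (?P<result>FAILED|OK) "
                     r"user=(?P<user>\S+) src=(?P<src>\S+)")

# Constructed sample data; addresses are from documentation ranges.
SAMPLE = """\
2024-05-01T10:00:00Z cam-01 login: FAILED user=admin src=203.0.113.7
2024-05-01T10:00:01Z cam-02 login: FAILED user=root src=203.0.113.7
2024-05-01T10:00:02Z cam-03 login: FAILED user=admin src=203.0.113.7
2024-05-01T10:00:03Z cam-01 login: FAILED user=user src=203.0.113.7
2024-05-01T10:00:04Z cam-02 login: FAILED user=support src=203.0.113.7
2024-05-01T10:00:07Z cam-02 login: OK user=root src=203.0.113.7
2024-05-01T10:03:00Z cam-01 login: FAILED user=alice src=192.0.2.10
2024-05-01T10:03:09Z cam-01 login: OK user=alice src=192.0.2.10
corrupted line that does not parse
""".splitlines()

def detect(lines, threshold=5, window=timedelta(seconds=60)):
    """Return (kind, src, device, user) alerts, in log order."""
    recent = defaultdict(deque)  # src -> times of failures still inside the window
    flagged = set()              # sources already reported, to avoid repeat alerts
    alerts = []
    for line in lines:
        m = LINE_RE.fullmatch(line.strip())
        if not m:
            continue  # skip unparseable lines instead of aborting the run
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
        src, q = m["src"], recent[m["src"]]
        while q and ts - q[0] > window:
            q.popleft()  # forget failures older than the window
        if m["result"] == "FAILED":
            q.append(ts)
            if len(q) >= threshold and src not in flagged:
                flagged.add(src)
                alerts.append(("burst", src, m["device"], m["user"]))
        elif len(q) >= threshold:
            # Success right after a burst: the guess may have worked; triage first.
            alerts.append(("success_after_burst", src, m["device"], m["user"]))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE):
        print(alert)
```

Failures are counted per source across all devices, so a source that tries one or two logins on each of many devices is still caught; the single mistyped password from 192.0.2.10 raises no alert.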
[1] Statista, 2022, “IoT and non-IoT connections worldwide 2010-2025”