|Home||Internet of Things||Aerospace||Apparel||Energy||Defense||Health Care||Logistics||Manufacturing||Retail|
IoT Botnets: Fighting the Rise of the Robots
With the Internet of Things continuing to grow and billions of IoT devices becoming pawns in unknown battles, it's important to consider a solution that enables a botnet-proof network.
Sep 25, 2019—
With the abundance of Internet of Things (IoT) devices comes the proliferation of malware designed to exploit them. This is, of course, inevitable and, for the most part, there's very little anyone can do about it. The age of the IoT botnet is truly upon us. The standard approach to dealing with these threats is to attempt to keep the hackers out by encrypting everything and locking down the various network layers in the appropriate manner. When hackers do get in—which they will, if they want to—you just have to batten down the hatches and employ damage limitation measures. That's just the way it is. Or is it?
Rise of the Robots: The IoT Botnet
An IoT botnet is a network of IoT devices whose control has been taken over by a malicious actor. By way of infecting IoT devices with malware, the hacker is able to gain control of the devices and use them for its own means. A good example of this is the Mirai malware which emerged in 2016, initially taking control of consumer devices such as routers and webcams for use in distributed denial of service (DDoS) attacks. Since its inception, several variants of Mirai have been created and many others like it have followed suit.
Although consumer devices appear to be the main draw for hackers, the net is widening. As many commercial and industrial IoT networks use the same protocols and software as consumer devices, these networks are also becoming convenient targets. What hacker wouldn't want to add hundreds or thousands of Industrial IoT (IIoT) devices to its arsenal of bots?
Is There A Botnet-Proof Network?
Whereas most IoT devices use TCP/IP to communicate, be that via Wi-Fi, cellular data or other means of wireless communication, there is always a direct connection to the internet. This means there's always a way to get in and, perhaps more importantly, that device can then use that internet connection to attack other online entities. We prefer to do things differently. Instead of using TCP/IP over the mobile data channel, we use part of the GSM voice network to publish and subscribe to MQTT messages via our platform (the new LTE offering does use TCP/IP but still has no exposed IP address).
This means devices don't have an external IP address and are, therefore, completely invisible to the internet, which means that even if the device is compromised locally—for example, if someone were to load the malware directly onto the device from a USB stick—it would simply not be capable of being part of a botnet. With this approach, IoT botnets are no longer a problem.
IoT Without the Internet
Does this make the technology infallible? Of course not. Nothing is. As the Internet of Things continues to grow, its part in the world of electronic warfare will grow with it. Over time, billions of IoT devices will become pawns in unknown battles, working for unknown masters. Don't want to be a part of that? Consider a solution that enables a botnet-proof network.
Lee Stacey is the chief noisemaker and product evangelist at Thingstream. The company removes the complexity of creating and managing your remote industrial IoT applications. It combines connectivity and application management into a unique single platform. Lee has 25 years of experience working with technology-based companies, ranging from regional SMEs to global enterprises.
Login and post your comment!
Not a member?
Signup for an account now to access all of the features of RFIDJournal.com!
SEND IT YOUR WAY
RFID JOURNAL EVENTS
ASK THE EXPERTS
Simply enter a question for our experts.
|RFID Journal LIVE!||RFID in Health Care||LIVE! LatAm||LIVE! Brasil||LIVE! Europe||RFID Connect||Virtual Events||RFID Journal Awards||Webinars||Presentations|