IoT Botnets: Fighting the Rise of the Robots

With the Internet of Things continuing to grow and billions of IoT devices becoming pawns in unknown battles, it's important to consider a solution that enables a botnet-proof network.
Published: September 25, 2019

With the abundance of Internet of Things (IoT) devices comes the proliferation of malware designed to exploit them. This is, of course, inevitable and, for the most part, there’s very little anyone can do about it. The age of the IoT botnet is truly upon us. The standard approach to dealing with these threats is to attempt to keep the hackers out by encrypting everything and locking down the various network layers in the appropriate manner. When hackers do get in—which they will, if they want to—you just have to batten down the hatches and employ damage limitation measures. That’s just the way it is. Or is it?

Rise of the Robots: The IoT Botnet
Along with a generally consistent rise in cybersecurity exploits, the number of botnet attacks worldwide has also been gathering pace, with IoT networks providing the necessary weaponry. According to Check Point Software Technologies, the number of attacks targeting the IoT and networking has doubled in just two months, putting IoT devices right in the spotlight and highlighting an alarming trend for those operating in the IoT space.

What Is an IoT Botnet?
An IoT botnet is a network of IoT devices whose control has been taken over by a malicious actor. By way of infecting IoT devices with malware, the hacker is able to gain control of the devices and use them for its own means. A good example of this is the Mirai malware which emerged in 2016, initially taking control of consumer devices such as routers and webcams for use in distributed denial of service (DDoS) attacks. Since its inception, several variants of Mirai have been created and many others like it have followed suit.

Although consumer devices appear to be the main draw for hackers, the net is widening. As many commercial and industrial IoT networks use the same protocols and software as consumer devices, these networks are also becoming convenient targets. What hacker wouldn’t want to add hundreds or thousands of Industrial IoT (IIoT) devices to its arsenal of bots?

Is There A Botnet-Proof Network?
No device, network or computer connected to the internet is 100 percent safe. However, Thingstream‘s IoT-enabled devices do have a distinct advantage which excludes many security exploits and makes it impossible for the devices to become part of a botnet.

Whereas most IoT devices use TCP/IP to communicate, be that via Wi-Fi, cellular data or other means of wireless communication, there is always a direct connection to the internet. This means there’s always a way to get in and, perhaps more importantly, that device can then use that internet connection to attack other online entities. We prefer to do things differently. Instead of using TCP/IP over the mobile data channel, we use part of the GSM voice network to publish and subscribe to MQTT messages via our platform (the new LTE offering does use TCP/IP but still has no exposed IP address).

This means devices don’t have an external IP address and are, therefore, completely invisible to the internet, which means that even if the device is compromised locally—for example, if someone were to load the malware directly onto the device from a USB stick—it would simply not be capable of being part of a botnet. With this approach, IoT botnets are no longer a problem.

IoT Without the Internet
The internet-free IoT method also has benefits when considering other types of IoT related exploits. Another type of attack that is gaining pace with the adoption of the IoT is when hackers take control of your devices, halting their operation, changing how they operate or stealing data in order to blackmail or somehow damage the business of the party on the receiving end of the attack. By having no visible presence on the internet, our IoT-enabled devices also make this practice very difficult for would-be hackers. Due to its unique use of the GSM voice network, messages from the device to the platform and vice versa don’t go anywhere near any of the protocols used or network layers compromised by popular exploits.

Does this make the technology infallible? Of course not. Nothing is. As the Internet of Things continues to grow, its part in the world of electronic warfare will grow with it. Over time, billions of IoT devices will become pawns in unknown battles, working for unknown masters. Don’t want to be a part of that? Consider a solution that enables a botnet-proof network.

Lee Stacey is the chief noisemaker and product evangelist at Thingstream. The company removes the complexity of creating and managing your remote industrial IoT applications. It combines connectivity and application management into a unique single platform. Lee has 25 years of experience working with technology-based companies, ranging from regional SMEs to global enterprises.