Picture it: You’re sitting at your computer surfing your favorite sites, when out of nowhere your browser crashes. You relaunch and attempt to reload the page you were viewing, but you have the same problem. Perhaps the site you were viewing is having trouble, so you try some routine maintenance. You open Windows Resource Monitor and see that your CPU is working at near capacity. Now you know something’s definitely wrong, so you launch your browser again to find information on CPU usage, and this time the browser takes forever to open. These are clues that your computer may have become an unwitting member of a botnet. That’s right, your computer might have been turned into a zombie.
A botnet is a collection of internet-connected devices infected with malicious software and controlled as a group without the owners’ knowledge (hence the colorful name “zombie”). These devices can include PCs, servers, mobile devices and internet of things (IoT) devices that are infected and controlled by malware. The malware takes control of the devices and sends data or “calls” to a Command and Control (C&C) server.
What role do IoT devices play in the current botnet threat landscape? IoT devices are notoriously vulnerable to attack. They’re like little computers, except with no firewall or antivirus security features. Add this to the ever-growing number of IoT devices – 8.4 billion and counting – and you have the perfect storm for a botnet zombie invasion.
During September 2016 in France, the telecom provider OVH was hit by a distributed denial-of-service (DDoS) attack. This attack was one of the largest recorded. On a Friday afternoon in October 2016, the internet crawled nearly to a stop for most of the eastern United States. The tech company Dyn, a key part of the internet’s backbone, came under a crippling assault. During the last U.S. presidential election, it was feared that the IoT botnet called Mirai was at work and might possibly impact the election. Fortunately, there is no evidence that zombies voted in the election or altered any votes.
Another very high-profile IoT botnet is Reaper. By many accounts this IoT botnet was even more dangerous than the Mirai botnet. While Mirai simply used unchanged default credentials to create zombies, Reaper exploits known security flaws in the code of those insecure machines and uses those known vulnerabilities to ensnare the devices and zombify them. This ability to exploit vulnerabilities may lead to Reaper becoming an even bigger botnet than Mirai and infecting a substantially larger number of devices.
Of course, there’s money to be made for the bot herders — aka the hackers who herd the zombies. As recently as February 2018, it was reported that a cybercriminal gang known as Los Calvos de San Calvicie were selling Distributed Denial of Service (DDoS) attacks for the low, low price of just $20 per attack. These are not large volume attacks — they range from 290-300 gigabits per second — but are still large enough to bring down a server unless it is protected against DDoS attacks. This IoT botnet is comprised mainly of internet routers that you would use in your home or small business. There is virtually no IoT device that is immune to becoming a botnet zombie.
What can we do to protect ourselves and not become a zombie?
Here are some tips to help keep your device from becoming a member of the “Walking Dead”:
Want more tips? Read more at InspiredeLearning.
Lanner Partners with Zededa to Demonstrate Industrial-Strength Cloud-Managed Gateway at the IoT Tech Expo 2018
The joint partnership announces a secure, cloud-managed gateway solution ready for deployment in critical infrastructures, such as power substations, manufacturing, transportation, intelligent buildings and smart cities.
MISSISSAUGA, ONT. NOVEMBER 27, 2018
Lanner Electronics, Inc. (https://www.lanner-america.com), a global leader in design and manufacturing of network appliances and industrial IoT gateways, will be demonstrating a joint solution with Zededa at the IoT Tech Expo in Santa Clara, Nov. 28-29, 2018. Zededa has developed an innovative cloud-managed software solution which provisions, administers and secures IIoT infrastructures. The joint solution of Lanner’s validated white-box gateway integrated with the Zededa real-time software is developed to enable interoperability and connectivity on both hardware and software levels in industrial automation, energy and retail applications.
Since 2013, Lanner has introduced a series of industrial gateway products designed for key applications, such as cyber security, edge computing, wireless connectivity and SD-WAN. The LEC-6041 is the latest platform in this series. Powered by Intel Atom x7-E3950 or x5-E3930 for low power consumption and enhanced processing performance, the LEC-6041 ensures fault-tolerant network connection with Lanner’s exclusive LAN Bypass technology and protects the device identity with crypto-security in the TPM 2.0 hardware design.
To ensure operation inside harsh factory conditions, as well as electrical energy substations, the LEC-6041 is compliant with IEC 61850-3 and IEEE 1613 certification, with 1.5 kV magnetic isolation protection for all LAN ports and 15 kV ESD protection for the I/O ports. The system can operate across a wide temperature range, from -40°C to 75°C. These features work together to assure maximum uptime while operating in hazardous surroundings such as OT environments. "To ensure our Industrial IoT customers receive the best solution, Lanner is providing a robust, purpose-built gateway based on previous generations of successful appliances deployed around the world", said Tim Casto, Business Development Manager of LEI Technology, a division of Lanner Electronics. "Combined with Zededa’s exceptional edge management software, the LEC-6041 provides a compact, industrial-grade platform designed to last many years in harsh conditions".
Lanner’s joint offering with Zededa provides customers a complete cloud-managed gateway solution and offers them a central dashboard to manage their entire global device deployment through any web browser. Features like zero touch provisioning and 1-click updates simplify administrative tasks, while Zededa’s zero-trust security model ensures device integrity in even the most remote locations.
“As more data generating activities occur at the edge, organizations are going to increasingly need to move compute and processing power closer to those activities, resulting in a massive ecosystem of distributed hardware, and creating complexities to manage and secure those devices,” said Said Ouissal, CEO of Zededa. “By leveraging Lanner and Zededa’s joint solution, customers can remotely manage their entire edge hardware footprint, right out of the box, and be confident that at any point they have the visibility and control at the edge necessary to ensure their devices are secure, up-to-date, and operating as expected.”
Lanner Electronics Inc is a world leading provider of design, engineering and manufacturing services for advanced network appliances and rugged applied computing platforms for system integrators, service providers and application developers. For more information, please visit http://www.lanner-america.com or follow us on Twitter at @LannerAmerica
Founded in 2016, ZEDEDA is pioneering a cloud-native approach to the deployment, management and security of real-time edge applications at hyperscale for solutions ranging from self-driving cars to industrial robots. ZEDEDA is headquartered in Santa Clara, CA with engineering and market development teams based in India, UK, Germany and Korea. For more information, please visit http://www.zededa.com or follow us on Twitter at @ZEDEDAEdge.