You will remember us discussing the nasty Mirai Distributed Denial Of Service (DDOS) botnet, which exploits the poor configuration, or just plain rubbish security, of Internet of Things devices such as security cameras, webcams and lightbulbs to overwhelm selected targets with a gargantuan amount of traffic.
Well it seems like the naughty malware has been very busy this week, compromising about 900,000 routers of Deutsche Telekom broadband customers in Germany.
It looks like the Mirai code has been adapted to attack routers on their maintenance ports, either crashing them or hijacking them for nefarious purposes. Deutsche Telekom has released patches for the Speedport routers concerned.
It is highly likely that this trend will continue worldwide, so update your broadband modems to the latest release as soon as you can and watch out for announcements from your ISP.
We really do live in troubled times. It has never been more evident that security is about CIA – Confidentiality (massive data breaches), Integrity (Ransomware) and Availability (Ransomware, DOS and DDOS).
The prime motivation for these attacks, as we frequently point out, is money, and the criminal fraternity will stop at nothing in their pursuit of yet more filthy lucre. You will have noticed increased ransomware attacks around the world on hospitals with very sick people in them (and attacking them).
As James Snook, the deputy director in the UK Government’s office of Cyber Security recently pointed out, it is much more expensive to defend against an attack than it is to launch one.
We recommend that you put yourselves in the mindset of a criminal mastermind (easier for some than others!) and think about which systems under your control could be leveraged directly and, just as importantly, indirectly to enable Moriarty and Co. to fill their pockets.
Having thought this through, stroked your cat (real or imaginary), and let out a few cheeky ‘mwahahaha’s, make a plan to reduce the opportunity that your systems present to the criminal or his evil automatons as much as you can, focussing on but not restricting yourselves to your key assets or Crown Jewels.
Whilst we wait for vendors of IoT devices to sharpen up their act and improve out-of-the-box security, and we could be waiting a very long time, you may well be doing unknown citizens or organisations anywhere on the planet a massive favour by remediating security issues in your IoT devices through patching and proper secure configuration. That has to be A Good Thing.
A few of us have spent the week in Vegas (baby) at the Amazon Web Services Re:Invent conference. Many mind-blowing technologies and services were announced and discussed, including an articulated lorry towing a container full of storage (Petabytes), which will drive up to your DC, suck up your data, drive to AWS and install it in the cloud. No joke – it is called ‘Snowmobile’. Read all about it here.
AWS also announced advances to its serverless Lambda technology, which may well be just the thing the IoT is waiting for. Watch this space for further discussion.
If you would like to discuss Botnets, DDOS, the IoT or anything else security related, don’t hesitate to contact us at: [email protected] or 020 7517 3900.