The Calm Before The Botnet Storm

Check Point Researchers reveal a new IoT global botnet, with a reach of 60% of corporate networks.

Hurricane Irma was one of the most powerful and catastrophic natural disasters in recent years, causing destruction and carnage wherever her path took her. In the last weeks of September though, just as that storm was dying down, Check Point’s Research team began to notice other dark clouds rapidly gathering in cyberspace.

The first ominous signs began appearing in the last few days of September. Our researchers were picking up on an increasing number of attempts by hackers to exploit a combination of old vulnerabilities, found in Linux in 2014 and in Wireless IP (P2P) WIFI Cameras in 2017. This was alarming because these vulnerabilities were only now suddenly being exploited.

Within a few days, it was estimated that almost 60% of organizations were falling prey to these malicious scanning attempts, which looked to penetrate their IP Cameras and D-Link routers. Had the attackers been successful, they would have gained remote access to sensitive information on a victim’s network.

Then, on October 15th, just as the attempts were accumulating and becoming clearer, a new attack vector entered the mix to add pressure to the gathering storm clouds. Not satisfied with their attempts at breaching Linux and the WIFI Cameras, the attackers added an additional channel of AVTECH Wireless Camera vulnerabilities; vulnerabilities that had also barely been seen exploited before. Furthermore, with every passing day, new varieties of devices were being added.

With the attempted attacks coming from many different sources, and similarities with the infamous IoT Mirai Bot beginning to appear, it didn’t take long to realize that a possible larger threat was behind this trend. Indeed, our researchers noticed that many of the attack attempts were coming from a variety of IoT devices themselves. This leaves no other option than to conclude that a new IoT Bot is now targeting, exploiting and spreading via IoT devices, specifically IP Cameras.

IoT Botnets have been behind some of the most damaging cyber-attacks against organizations worldwide. From hospitals and national transport links to communication channels and political movements, they leave a trail of havoc and destruction in their wake. Our research suggests we are merely experiencing a new calm before the storm. The next hurricane is yet to come.

More articles by Richard Clayton