Mirai, the first IoT botnet which was discovered in 2016 took down popular websites and services including Twitter, Airbnb and Netflix. Since then we were introduced to more advanced versions of Mirai like Persirai, Reaper, Satori and Okiru.
While the core of these malware flavors is to exploit weak credentials, the sophistication of these IoT botnets is increasing with aggressive features. E.g. Persirai could steal the password file from an IP Camera regardless of password strength. Reaper, from the same family, even more aggressive is believed to be behind the IoTroop botnet targeting financial institutions.
Recently we came across Torii, highly persistent with a richer set of features that can even exfiltrate sensitive data. Torii can infect a large range of devices with its modular architecture and multiple layers of encrypted communication.
No matter how sophisticated these botnets are, the common denominator for these exploits is weak credentials. So far, we have been worried about DDoS and its impacts. Torii has advanced features which allow it to exfiltrate sensitive data, taking the impact of an IoT botnet to higher level, with potent safety and compliance issues. IoT use cases are about data. If the device identity/authentication is vulnerable, the data can’t be trusted. This will be a big impediment for IoT adoption.
Recent challenges with IoT botnets have grabbed the attention of Government organizations as they could introduce social and economic issues beyond security. UK Government published a report earlier this year called “Secure by Design” which outlines 13 sections within the report’s proposed code of practice. The first three sections carry a higher priority as they aim to address the core problems in IoT devices: weak credentials and known vulnerabilities.
Device Authority KeyScaler is the first device centric IoT IAM platform to deliver the Trust and Automaton. This platform has all the features to address the IoT Botnets.
Please contact us for additional details.
Please wait while you are redirected to the right page...