The wonderful world of cyber-threats is full of buzzwords and phrases. Red teaming, botnet, IoT, smart attacks, thingbots…the list is getting pretty long as the landscape evolves and mutates.
But what on earth are thingbots? And why are they a threat? Let’s find out.
To define a thingbot, first of all we need to be clear about the concept of a botnet. A botnet is typically a collection of connected computers that are used to carry out repetitive tasks. This is completely legal in many cases e.g. when making the user journey smoother on a website.
However, illegal botnets gain access to computers by infecting them with malicious code. This code then adds the computer to the botnet. Most of the time people don’t even know their computer has been compromised.
Now, if we replace the botnet computers with IoT and connected devices – so your smartwatch, your smart TV, your home hub (Alexa, Google, Apple, etc.) and your smart fridge – we’ve made ourselves an Internet of Things botnet, known in short as a thingbot.
It’s no secret that attacks exploiting notoriously insecure IoT devices have surged in recent years. From 2016 to 2017 the number of global IoT attacks increased 600%. and in the first half of 2018 alone IoT attacks had tripled compared to 2017’s figures.
In 2018, cybercriminals began adopting thingbots to leverage methods including installing proxy servers to launch attacks from, crypto-jacking, DNS hijacking, credential collection and stuffing, fraud Trojans and more. Ultimately, thingbot attacks can lead to a huge wealth of valuable information landing in the hands of hackers.
For you, the end user, having an infected device means that your network is vulnerable to being hacked.
Attackers can use insecure devices as a way into your router. Any device connected to your WiFi could then be compromised. When you think of the number and types of devices on your home WiFi – your phone, laptop, tablet etc. – and how much of your personal information is stored on them, it’s pretty scary to think all this can be stolen just because of one insecure device.
The global population is now outnumbered by connected devices. When you combine this with the fact that these devices are so poorly protected, it’s no surprise that thingbot attacks are on the rise. Many of us are not taking the proper steps to ensure our devices and the personal information they hold are safe.
This time of year is especially rife for these types of smart cyber-attacks, according to Secarma’s cybersecurity expert Paul Mason:
“People get their brand-new, shiny devices on Christmas Day and don’t think about how insecure they are. Hackers are literally waiting to attack them, knowing that most people won’t change the default password or update the software for at least a few days.”
This isn’t just a threat to people’s home networks. Come January many still haven’t properly secured the very devices they now want to connect to your business’ WiFi. This opens up huge vulnerabilities in your corporate network. So, if you’re currently letting your employees connect their own devices to your network then there’s an awful lot of back doors being left open for attackers to get in.
As pointed out in the Secarma #12daysofChristmas security series, there is no such thing as a secure IoT device. But, there are steps we can take to make it harder for attackers to take advantage of this tech.