Endpoint Security , Internet of Things Security

IoT Botnets: Why the Next Mirai Could Be Worse

Researcher Allison Nixon Analyzes Exploitation of Devices Lacking Security Protection
Allison Nixon, chief research officer, Unit 221b

Cybercriminals are exploiting and using weak IoT devices in new ways, including as proxies for e-commerce fraud, says Allison Nixon of Unit 221b, who predicts that the next mass attack leveraging IoT botnets on the scale of Mirai will likely be way worse.

See Also: Webinar | Financial Institutions Seek a Step-In Approach to Sensitive Unstructured Data Compliance and Security

Botnets are incredibly useful for cybercriminals and also very difficult to take down. Cybercriminals are including IoT devices in the botnets because they often use default passwords and have unpatched security vulnerabilities.

In 2016, massive distributed denial-of-service attacks originated with the Mirai IoT worm, which underscored the seriousness of connected device security problems (see: Mirai Co-Author Gets House Arrest, $8.6 Million Fine).

In the latest trend, Nixon says, cybercriminals are now using IoT devices as proxies to avoid e-commerce anti-fraud payment features.

"From the perspective of the criminal bot herder, they don't really see things in terms of refrigerators, routers or things like that," Nixon says. "They see things in terms of what is the network interface they're interacting with. If a refrigerator has a public exposed service and that publicly exposed service is available to the whole internet, then it's just a matter of the bot owner finding the exploit to take over the machine."

In this video interview, Nixon discusses:

  • How cybercriminals are exploiting and using weak IoT devices in new ways;
  • How cybercriminal botnet activity is investigated;
  • Why the security of connected devices remains a concern.

Nixon is chief research officer with Unit 221b, a New York-based cybersecurity company. She has expertise in penetration testing, incident response, cybercriminal investigations and DDoS attacks. Her research and investigation into the Mirai botnet and subsequent DDoS attacks garnered her an FBI Director's Award in 2016. Nixon, who has presented at the Black Hat security conference, previously worked as director of security research for Flashpoint and at Deloitte, NTT Com Security and Dell Secureworks.


About the Author

Jeremy Kirk

Jeremy Kirk

Managing Editor, Security and Technology, ISMG

Kirk is a veteran journalist who has reported from more than a dozen countries. Based in Sydney, he is Managing Editor for Security and Technology for Information Security Media Group. Prior to ISMG, he worked from London and Sydney covering computer security and privacy for International Data Group. Further back, he covered military affairs from Seoul, South Korea, and general assignment news for his hometown paper in Illinois.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.