IoT devices allow us to connect everything and make our environment smart. However, manufacturers and security organizations have never been able to guarantee the safety of these devices, which has always cast a shadow over technology.
According to a report by Nozomi Networks, the continued growth of IoT in 2020 was also mirrored by growing categories of threats, with the biggest being botnets. The problem is further elevated by cheaply available IoT botnet networks such as dark_nexus, which are usually rented on the open internet for as little as $18.50 per month.
What is an IoT botnet?
A botnet is a network of internet-connected devices that is usually controlled by a hacker. To recruit a device, the hacker scans the internet for devices with certain vulnerabilities and connects to them. From there, they can install malware that allows them to control the device remotely. In most cases, the botnet code can do all this by itself.
Due to the insecure nature of IoT devices such as CCTV cameras, attackers today focus on these devices as they are easy to recruit using open ports and default passwords. Once recruited, a device joins thousands or millions of others to form an IoT botnet. These botnets are often used for distributed denial-of-service (DDoS) attacks and sending spam.
How to protect your IoT devices from botnet attacks
To ensure that your IoT devices are not recruited to be zombies in a network and used for nefarious activities, you need to take proactive measures to deter hackers.
Change defaults and use strong passwords
The use of default and weak passwords is the biggest threat to IoT devices. Most botnets take control of IoT devices by using default passwords, and this was the case with the infamous 2016 Mirai botnet attack, which took various services in the US.
Once you set up your device, change its default password to a strong and custom one immediately. Ensure that you follow the standard best practices for strong passwords, for both your devices and your Wi-Fi. You can use a password manager to help generate and store your passwords.
Segregate your network
Segregating your IoT network involves using a different Wi-Fi network for your IoT devices, such as IP cameras and smart refrigerators. This is a good security measure as it ensures that less secure devices have reduced exposure.
Some routers allow you to do this through a feature known as Access Point Isolation. Depending on your manufacturer, this may also go by the names AP isolation, Access Intranet, or guest mode.
Apart from segregation, it’s also advisable that you use premium anti-malware software on all your devices. This will help prevent advanced threats such as phishing and spyware, which an attacker can use to gain access to your network.
Vet the manufacturer
Manufacturers have a huge role in protecting IoT devices. Some have taken the initiative, but others are just focusing on a quick time-to-market and eye-catching user features. This means that you need to do proper research and vet manufacturers before you buy your next IoT product.
Check for the security procedures in place as well as reviews from independent sites and forums. Also, look for information on whether the manufacturer provides updates for products, as these are crucial in patching known weaknesses.
Power-cycle IoT devices periodically
IoT devices store most of their data in volatile memory. This means that when the device is shut down, it easily loses much of its data. You can take advantage of this to secure your IoT devices in case of an attack. If your device has already been recruited, shutting it down for a minute can help erase the installed malware. You can then use the other tips provided above to stay one step ahead of hackers seeking to enslave your devices.
%20(3)%20(1).webp "Iran launched a Major Cyberattack Against Critical Infrastructure in Israel"){kind=small}
