
Monday, October 23, 2017

IoTroop botnet threatens cyber storm

By Nick Flaherty at

Researchers at cyber-security firm Check Point are predicting a new cyber storm with a new botnet called ‘IoTroop’.

While some technical aspects lead the researchers to suspect a possible connection to last year’s Mirai botnet, they say this is an entirely new and far more sophisticated campaign that is rapidly spreading worldwide.

The first signs were picked up via Check Point’s Intrusion Prevention System (IPS) in the last few days of September. An increasing number of attempts were being made by hackers to exploit a combination of vulnerabilities found in various IoT devices such as wireless IP cameras from GoAhead, D-Link, TP-Link, AVTECH, NETGEAR, MikroTik, Linksys, Synology and others. It soon became apparent that the attempted attacks were coming from many different sources and a variety of IoT devices, meaning the attack was being spread by the IoT devices themselves, say the team.

They estimate over a million organisations have already been affected worldwide, including the US, Australia and everywhere in between, and the number is only increasing.

“Despite its advantages, IoT comes with a host of security disadvantages,” said Stephanie Weagle, VP at Corero Network Security. “IoT devices are most often poorly managed, patched and secured; they are prime targets for hacker infiltration and takeover. Aside from the personal privacy and security concerns that result from these security gaps, the bigger danger is that these connected devices can be harnessed by hackers for a variety of nefarious purposes; DDoS attacks are prominent amongst them.

“In addition, attackers are becoming more creative and using new techniques to wreak havoc with IoT botnets,” she said. “These botnets can be rented for any duration, size and scale that the attacker pleases – aimed at any target. As we approach the one year anniversary of the massive Mirai botnet aimed at Dyn, security experts are reminded of the significant ripple effect of damage that attack had on the Internet. It’s not surprising at all that another ‘DDoS Armageddon’ is on the horizon.

“The DDoS protection of today requires robust modern DDoS defenses that will provide both instantaneous visibility into DDoS events, real-time mitigation as well as long-term trend analysis to identify adaptations in the DDoS landscape to deliver proactive detection and mitigation techniques,” she added.

Numerous devices were both being targeted and later sending out the infection, say the researchers at Check Point. These attacks were coming from many different types of devices and many different countries, totalling approximately 60% of the corporate networks which are part of the ThreatCloud global network.

More details are at
