The first time I saw that picture of the Dr. Evil meme, I never thought that it might be possible for the numbers to reach those nonsensical values, but if Internet connected brooms are in our future (see below), we might be in serious trouble, if the manufacturers of such devices keep ignoring the need for easily configured security settings on their gear.
The Mirai Botnet, which was responsible for the historic attack on Brian Krebs website, amongst others last month has grown dramatically. I came across this Botnet tracking website, which gives details of the number of infected hosts in the Mirai Botnet a few hours ago. At that time the total number of hosts was 1,479,110. It is now showing 1,547,552 (it’ll be higher by the time you read this ?) That means on a Wednesday morning in late October, another 68,000 devices have been hacked and are ready to be used for evil purposes. It is believed that last Friday’s massive attack on Dyn, which crippled such services as Twitter, Amazon, Spotify, PayPal and Netflix, was partly as a result of the Mirai Botnet according to Flashpoint.
Granted the total number of affected hosts is likely to be a lot lower as some of the earlier compromised devices may have been reset or disconnected from the internet either by their owners or by ISPs who detect such devices and block them.
Following the initial attack on Brian Krebs in September, I had blogged encouraging everyone to change the default passwords on their IP cameras and DVRs. However, it has become apparent that a particular make of these devices has a hard coded backdoor which is not under the control of the user. According to Brian Krebs:
The scary part about IoT products that include XiongMai’s various electronics components, Flashpoint found, was that while users could change the default credentials in the devices’ Web-based administration panel, the password is hardcoded into the device firmware and the tools needed to disable it aren’t present.
These affected devices will need new firmware to be installed on them to remove this backdoor, but (a) there is no sign of any and (b) given the numbers involved, it would be unlikely that even 1% would get updated, and that is me being wildly optimistic. ?
I want to finish on a couple of light notes … as whimsically stated by Jeff Jarmoc, “In a relatively short time we’ve taken a system built to resist destruction by nuclear weapons and made it vulnerable to toasters,” How very, very true. ?
And if you wondered what I was talking about in regards to an Internet connected broom above – this is where that came from – the Internet of Evil Things: