Endpoint Security , Internet of Things Security , Open XDR

IoT Botnets: Why the Next Mirai Could Be Worse

Researcher Allison Nixon Analyzes Exploitation of Devices Lacking Security Protection
Allison Nixon, chief research officer, Unit 221b

Cybercriminals are exploiting and using weak IoT devices in new ways, including as proxies for e-commerce fraud, says Allison Nixon of Unit 221b, who predicts that the next mass attack leveraging IoT botnets on the scale of Mirai will likely be way worse.

See Also: The Security Testing Imperative

Botnets are incredibly useful for cybercriminals and also very difficult to take down. Cybercriminals are including IoT devices in the botnets because they often use default passwords and have unpatched security vulnerabilities.

In 2016, massive distributed denial-of-service attacks originated with the Mirai IoT worm, which underscored the seriousness of connected device security problems (see: Mirai Co-Author Gets House Arrest, $8.6 Million Fine).

In the latest trend, Nixon says, cybercriminals are now using IoT devices as proxies to avoid e-commerce anti-fraud payment features.

“From the perspective of the criminal bot herder, they don’t really see things in terms of refrigerators, routers or things like that,” Nixon says. “They see things in terms of what is the network interface they’re interacting with. If a refrigerator has a public exposed service and that publicly exposed service is available to the whole internet, then it’s just a matter of the bot owner finding the exploit to take over the machine."

In this video interview, Nixon discusses:

  • How cybercriminals are exploiting and using weak IoT devices in new ways;
  • How cybercriminal botnet activity is investigated;
  • Why the security of connected devices remains a concern.

Nixon is chief research officer with Unit 221b, a New York-based cybersecurity company. She has expertise in penetration testing, incident response, cybercriminal investigations and DDoS attacks. Her research and investigation into the Mirai botnet and subsequent DDoS attacks garnered her an FBI Director’s Award in 2016. Nixon, who has presented at the Black Hat security conference, previously worked as director of security research for Flashpoint and at Deloitte, NTT Com Security and Dell Secureworks.

About the Author

Jeremy Kirk

Jeremy Kirk

Executive Editor, Security and Technology, ISMG

Kirk was executive editor for security and technology for Information Security Media Group. Reporting from Sydney, Australia, he created "The Ransomware Files" podcast, which tells the harrowing stories of IT pros who have fought back against ransomware.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.co.uk, you agree to our use of cookies.