A botnet is a network of systems joined together so that they can be controlled remotely and used to distribute malware. Controlled by botnet operators via command-and-control (C&C) servers, botnets are used by criminals on a grand scale for many things: stealing private information, exploiting online banking data, DDoS attacks, or spam and phishing emails.
The Botnet in the Internet of Things
With the rise of the Internet of Things (IoT), many objects and devices are in danger of becoming, or already are, part of so-called thingbots – botnets that incorporate independent connected objects.
Botnets as well as thingbots consist of many different devices, all connected to each other – from computers, laptops, smartphones and tablets to, now, those “smart” devices as well. These things have two main characteristics in common: they are internet enabled and they are able to transfer data automatically via a network. Anti-spam technology can spot fairly reliably when one machine sends thousands of similar emails, but it is much harder to spot when those emails are sent from various devices that are part of a botnet. They all have one goal: if thousands of email requests hit a target, it does not come as a big surprise if the platform crashes while struggling to cope with the enormous number of requests.
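The detection gap described above, as an added example that is not part of the original post: a per-source volume check flags a single bulk sender but misses a campaign spread thinly across many bots, while grouping by normalized content across sources catches it. The log entries, thresholds and function names are constructed for illustration, and real filters use fuzzier matching than an exact hash.

```python
import hashlib
import re
from collections import Counter, defaultdict

def build_sample_log():
    """Constructed (source IP, body) pairs; not real traffic."""
    log = [("198.51.100.7", f"Cheap watches! Order {i} today") for i in range(1000)]
    # 500 bots, each sending only 4 copies of one campaign.
    for bot in range(500):
        ip = f"10.{bot // 250}.{bot % 250}.1"
        log += [(ip, f"Account locked, ref {bot * 4 + i}. Verify now") for i in range(4)]
    # A few ordinary senders with unrelated messages.
    for n, body in enumerate(["Lunch at noon?", "Invoice attached", "See you Monday"]):
        log.append((f"192.0.2.{n + 1}", body))
    return log

def flag_by_source(log, max_per_source=100):
    """Classic check: flag any single source that sends too many messages."""
    counts = Counter(ip for ip, _ in log)
    return {ip for ip, n in counts.items() if n > max_per_source}

def fingerprint(body):
    """Hash the body after collapsing digits and whitespace (assumed normalization)."""
    norm = re.sub(r"\d+", "#", body.lower())
    norm = re.sub(r"\s+", " ", norm).strip()
    return hashlib.sha256(norm.encode()).hexdigest()[:16]

def flag_by_campaign(log, min_messages=1000, min_sources=50):
    """Flag content sent in volume from many distinct sources.
    Returns {fingerprint: (message count, distinct source count)}."""
    sources, volume = defaultdict(set), Counter()
    for ip, body in log:
        fp = fingerprint(body)
        sources[fp].add(ip)
        volume[fp] += 1
    return {fp: (volume[fp], len(sources[fp])) for fp in volume
            if volume[fp] >= min_messages and len(sources[fp]) >= min_sources}

if __name__ == "__main__":
    log = build_sample_log()
    print("per-source flags:", flag_by_source(log))
    print("campaign flags:", flag_by_campaign(log))
```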
Botnets pose a huge risk, for example through attacks against critical infrastructure or by gaining unauthorized access to company networks. The distribution of malware through a weak link in the chain is another access point for botnets – and can lead to further infected devices within the network. Increasingly, this happens without the knowledge of the device owner.
Everyday things like printers, fridges or televisions often do not receive the same level of security as, for example, smartphones or laptops, so they provide easy access to hackers looking for their next chance to launch an attack. A famous example was the attack on the Xbox and PlayStation networks last Christmas, where home Wi-Fi routers were used to mount the attack. Under the DDoS (Distributed Denial of Service) attack, Microsoft and Sony servers couldn’t cope with the amount of traffic, which forced the online services to a halt.
With more and more devices joining the Internet of Things, attacks are only bound to increase. Many of the devices are there to track your habits, such as the times you are home and likely to want the heating on, or to protect against physical intruders with a connected camera. This information is valuable not only for your own comfort and security but also to criminals. Bear in mind that information you can access through the internet can potentially also be seen by hackers if it is not protected properly. And with IoT development still in its infancy, weak security is still often the case.
Different Levels of Security
Why is it that we already use a high level of security for computers or online banking, but neglect it when it comes to equally protection-worthy devices like a smart heating system? We are used to two-factor authentication for online banking, happily combining the username/password combination with a randomly generated security code or similar. For smart devices this is often not yet implemented.
From Botnet to Thingbot
While in the past it was mainly Windows operating systems that were targeted as part of botnets, Apple and Android devices now increasingly catch the attention of cyber criminals. But that’s not all. With the rapid growth of the Internet of Things, those devices are already proving to be a popular target.
Worldwide, it is thought that more than 500 million computers are compromised each year. With 50 billion connected devices expected by 2020, it’s not hard to imagine that hackers are looking forward to thingbot heaven.
Securing the IoT with traditional PKI Deployments
Internet-enabled devices are a huge threat, as they can easily be targeted. The majority of users have neither the possibility nor the knowledge to protect the devices suitably. In addition, the huge number of devices opens up room for attacks on a large scale.
PKI is based on tried and tested, decades-old standards and offers enough flexibility to adapt to the changing requirements of the IoT. It offers authentication, encryption and data integrity, and thus ticks the three major security boxes and helps to maintain trust in the IoT ecosystem:
Authentication: PKI has been used to authenticate machines and servers for decades, and is an open standard for interoperability, in the sense of authenticating devices to cloud services, users to devices, and device to device.
Encryption: Given the types of devices coming online, privacy is a major concern. Encrypting communications to and from devices is essential. PKI-based solutions provide some basic and essential encryption mechanisms, ensuring the privacy of communications.
Data integrity: Some of the transformative value when considering the future of IoT relies on devices being able to make decisions and act on their own without human intervention. In these scenarios, both the value and the risk are directly tied to the integrity of the data.
The question of how to secure the explosive number of connected devices and services has been the topic of some of our previous blogs, so have a look for more background information.