The continuous increase in the Internet of Things (IoT) dependence for both home and office use has provided for an alternative attack surface for perpetrators who target misconfigured IoT devices as well as devices with weak passwords. Cyber threat actors are using malware to compromise IoT devices and add them to botnets. Botnets are a network of hijacked computer devices used to carry out cyberattacks and scams. Once a device is added to a botnet, it can be used to automate mass cyberattacks without the owner’s consent. The botnet is capable of infiltrating the network of the resident organization, wipe data from affected devices, and launch a Distributed Denial of Service attack. Affected organizations may be disrupted from providing their critical services as well as running critical processes. This can lead to financial losses as well as reputational damage.

It is necessary for system administrators to avoid the use of default credentials for remote access. Continuous update of systems and devices, and round the clock monitoring is also important in preventing and detecting botnet attacks.

Author: NC3E