IoT Botnet Code Published - Prepare For Epic DDoS attacksThursday, January 4, 2018
Widespread router vulnerability set to create new IoT DDoS attacks
Researchers are warning businesses that a new virulent wave of IoT DDoS attacks are imminent following the release of vulnerability exploit code used in the Satori IoT botnet.
The code relates to Huawei vulnerability CVE-2017–17215, which is now available to hackers and script kiddies alike on text storage site Pastebin. The vulnerability relates to a poorly-implemented local network configuration present in Huawei HG532 home routers, and allows an attacker to exploit a device and remotely execute code.
The vulnerability was uncovered by CheckPoint researchers in late December, and has already been patched by Huawei.
The warning echoes similar concerns after the code of Mirai was published back in October 2016, which resulted in a series of devastating DDoS attacks. Although DDoS attacks are often downplayed by businesses and perceived as a temporary inconvenience, the downtime they create can cause significant losses. In addition, their use as a highly visible distraction technique in more stealthy attacks has been widely documented.
Indeed, the US Justice Department unsealed the guilty pleas in mid-December of two men accused of developing and using Mirai, an IoT botnet that launched some of the largest volume IoT DDoS attacks the internet has ever seen.
Although DDoS mitigation spending has been on the rise, there is still plenty of scope for improvement. A recent report from Gartner forecasts worldwide enterprise security spending to total $96.3 billion in 2018, an increase of 8 per cent from 2017.
Ilia Kolochenko, CEO High-Tech Bridge, said: “More does not necessarily mean better. Moreover, in light of the ubiquitous penetration of all types of technology into our everyday life, skyrocketing DDoS attacks against SCADA and emerging IoT botnets, the growth of worldwide security spending seems to be very slow and inadequate to cover at least the most important risks.
“Many people prefer to bid on Bitcoin rather than investing in their cybersecurity. Results are clearly visible in daily media headlines announcing new data breaches and state-sponsored APTs. Hopefully, companies will re-evaluate their digital risks, implement risk-based cybersecurity strategy, revise their budgets and implement appropriate security controls to mitigate the most probable threats.”
“One should, however, be very careful not to overspend. Many companies can even reduce their current budgets by implementing risk-based approach to mitigate appropriate threats and vulnerabilities, and rigorously select vendors based on technology and not marketing claims.”
One guaranteed way to not overspend on security is to start out free - High-Tech Bridge recently announced the public launch of ImmuniWeb Discovery, a free service is a part of ImmuniWeb Application Security Testing (AST) Platform, designed to reduce AST costs, minimize external attack surface and help achieve compliance and regulatory requirements. The free service provides a continuous and non-intrusive application discovery, leveraging a wide spectrum of reconnaissance and OSINT information gathering techniques.