2 IoT Attacks That Are Waiting To Destroy Your Business

IoT devices are the future, but there are major malware attacks lying in wait to strike. “Reaper” and “IoTroop” are about to hit, stay protected! Read to find out more.

IoT (Internet of Things) is quickly becoming one of the biggest technology markets in the world. More than just smartwatches, wearables, personal assistants, smart door locks and speakers and lightbulbs and so much more. Everything is connected to the internet these days. You can remotely turn your oven on and off remotely. But cyber security experts say that the growth of the industry means a looming attack of major proportions.

Brian Krebs of KrebsOnSecurity reported on two powerful strains of malware that are ready to affect more than a million organizations. The malware infections are called “Reaper” and “IoTroop”. He and other security researchers discovered vulnerabilities in IoT companies like AVTECH, D-Link, GoAhead, NetGear, Linksys, and others.

Last year, a huge malware attack on IoT devices called “Mirai” struck and became one of the biggest cyber attacks in history. It took down Dyn, a huge online infrastructure firm (You may have heard of it as DynDNS) that is owned by Oracle. The attack impacted all its customers, including Twitter, Spotify, Reddit, SoundCloud, and much more. Mirai works by using factory and default login information to access backdoor entry to IoT devices like wireless routers. It was a major blow to the IoT industry.

Reaper and IoTroop are expected to be worse.

Israeli security firm CheckPoint announced they’ve been tracking the development of a massive new IoT botnet, IoTroop. They said it was set to “create a cyber-storm that could take down the Internet.” Here is what Brian Krebs said about the situation:

“If history is any teacher, we are likely enjoying a period of false calm before another humbling IoT attack wave breaks.”

The Mirai malware used IoT devices to launch DDoS (Distributed Denial of Service) attacks. After reporting on the Dyn attack, KrebsOnSecurity.com was hit with a “monster” attack that they of themselves couldn’t handle. Brian Krebs said, “On Sept. 20, 2016, KrebsOnSecurity.com was hit with a monster denial-of-service attack from the botnet powered by the first known copy of Mirai. That attack, which clocked in at 620 Gbps, was almost twice the size that my DDoS mitigation firm at the time Akamai had ever mitigated before. They’d been providing my site free protection for years, but when the Mirai attackers didn’t go away and turned up the heat, Akamai said the attack on this site was causing troubles for its paying customers, and it was time to go.

“Thankfully, several days later Google brought KrebsOnSecurity into the stable of journalist and activist Web sites that qualify for its Project Shield program, which offers DDoS protection to newsrooms and Web sites facing various forms of online censorship.”

These future attacks from the Reaper and IoTroop malware strains are expected to be worse, and Google can’t swoop in and save the day for everyone (plus not everyone is as famous as KrebsOnSecurity). Everyone needs to protect themselves. When using IoT devices, make sure they are protected and updated. Get cyber security protection, and get it now. We don’t know when the storm will hit.