It is important to have an application security since no app is created perfectly. It is possible for any application to comprise of vulnerabilities, or holes, that are used by attackers to enter your network. Application security thus encompasses the software, hardware, and processes you select for closing those holes.
The malicious activity detection is only the starting point for attack investigation. To develop response and remediation measures, security analysts need to identify the target of attack, the origin of a malicious object, its popularity, etc. A report says that, almost three quarters (72%) of the analyzed malicious files fell into three categories: Trojans, Backdoors, and Droppers. In most cases, the suspicious uploaded files turned out to be Trojans (25% of requests), Backdoors (24%) – malware that gives an attacker remote control over a computer – and Trojan-Droppers (23%) that install other malicious objects.
A new botnet Reaper, which is much more dangerous than the last years Mirai (which broke targeted devices by guessing their ‘admin password’; however, Reaper is using an advanced version of the Mirai’s code to exploit known vulnerabilities and then look for other devices for further spreading the infection.) ‘Reaper’ is a botnet that uses advanced brute forcing and hacking techniques to break into IoT devices, such as wireless IP cameras and routers that are not properly secured (including weak or default password protection). Hackers are using the pre-set list of modules as well as programs that search for vulnerabilities of IoT devices.
The Maharashtra Cyber Cell Department has sent out an advisory to inform the public, government departments & corporates about a new botnet named ‘Reaper’ (‘or loTroop’) which is spreading in many countries across the globe. ‘Reaper’ is a botnet that uses advanced brute forcing and hacking techniques to break into IoT devices, such as wireless IP cameras and routers that are not properly secured (including weak or default password protection). Hackers are using the pre-set list of modules as well as programs that search for vulnerabilities of IoT devices.
Many technology companies speaks on how to accelerate the innovation, which can significantly boost productivity with AI and IoT. It is absolutely true that, with the combination of IoT and rapidly advancing AI technology, it is expected to create ‘smart machines’ that simulate intelligent behaviour to make well-informed decisions with little or no human intervention.
Now, with the invention of IoT botnet, which is a collection of compromised IoT devices such as cameras, routers, DVRs, wearables and other embedded technology that is infected with malware. It allows an attacker to control them and carry out tasks just like a traditional PC botnet.
As many IoT devices come with poor security features such as predictable admin credentials and open ports for remote access. Hackers typically compromise these devices via brute force login or inject malware via an open port or vulnerable service. In many cases, hackers leverage these exploits after researchers disclose a vulnerability. Many leading technology companies products been found compromised with this botnet. Reaper begins by scanning for TCP open ports and attempts to run execute the exploit included in it’s botnet.
Cybercriminals will continue to use IoT devices to facilitate DDoS attacks. While many of your connected devices cannot be protected, the router has the ability to provide protection at the entry point. The Router makers will likely continue to seek new ways to boost security. We have to stay in a big hope the innovation would continue to safeguard all the futuristic technologies.