By Tony Ramsey, Practice Manager, Networking & Security
IoT devices and gadgets which are the primary target of the 'Reaper' botnet present a new attack vector and easy-to-exploit vulnerabilities. These vulnerabilities. coupled with the number of IoT devices, have certainly helped the 'Reaper' botnet reach the critical mass needed to deliver a massive DDoS attack or a crippling payload to its victims. But don't fret, it hasn't done so yet. When compared to the Mirai botnet attack last year, the good news is that security experts are more prepared for it.
The major concern is the sheer number of infected devices and their combined computing power harnessed by botnet controllers through injection of malicious code that has the potential to cause massive problems.
The numbers provided by 360 Netlab are impressive:
Infected bots connected to one controller: About 28,000 infected devices
Number of devices vulnerable to 'Reaper' botnet: As far as two million
It’s important to note, however, that this botnet has already lost the element of surprise. The 'Reaper' botnet controllers and some of its code are now known to the internet security community. Its method of infection: exploiting known vulnerabilities and its propagation between devices are also being analyzed.
Therefore, it is no longer a question of detection but prevention.
This is certainly the time for device vendors to provide security patches for hardware and software platforms to address the specific exploitable vulnerabilities.
There’s much anxiety in the internet security community since we’ve not yet seen any attacks or malicious activity and the Reaper botnet still seems to be in the expansion phase; its intention for a concerted malicious attack is yet unknown, but we know that its potential magnitude of damage is quite large.
Some of the infected networked devices are mainly for home and SOHO use, so education and awareness is needed by consumers who aren’t necessarily accustomed to applying security patches and in-depth configurations for threat mitigation.
'Reaper' Botnet Update:
The original claim in the security world that this is one of the largest botnet infections ever has been significantly reduced. As of today, the prediction is that the 'Reaper' botnet isn't as far reaching as expected, but it could change at any moment. The question is, will the 'Reaper' botnet cause more widespread damage than the infamous Mirai?