Latin America. With the mass adoption of the Internet of Things, more and more home appliances, such as robotic vacuum cleaners, are connected to the internet.
This situation is generating a new risk. Botnets pose a great danger because their operators are able to use a network of infected computers to execute virtually any task, harming users of infected computers and third parties.
They do this by sending spam, distributing hoaxes and threats hidden in attachments, or executing distributed denial-of-service (DDoS) attacks. ESET, a leading company in proactive threat detection, analyzes the case of Mirai and home electronic devices.
"There is a silent threat in front of our eyes that, many times, goes unnoticed. The victims, in general, do not even know that they were infected, and the attackers have a success rate very close to 100%," warns Camilo Gutiérrez Amaya, Head of the Research Laboratory at ESET Latin America.
A DDoS (distributed denial-of-service) attack attempts to exhaust the computational processing capacity of its "targets" by flooding them with requests.
In August 2016, a botnet was discovered that just a couple of months later would surprise the entire world with a DDoS attack. The sustained DDoS attack against Dyn, a Domain Name System (DNS) service provider, caused outages on sites and services of various kinds: Twitter, Airbnb, Reddit, Amazon, SoundCloud, Spotify, Netflix and PayPal, among many others. That wasn't the only big blow from the Mirai botnet that year: OVH, the French web hosting company, saw significant disruptions to its services and those of its customers, and the attack set a DDoS traffic record for the time, exceeding 1.1 terabits per second.
The particularity of the Mirai botnet is that its large network was made up of digital devices connected to the internet (IoT - Internet of Things) that were infected because they did not have protection, were poorly configured or had weak passwords.
Home routers, video recorders, surveillance cameras, and any other type of smart device were leveraged by Mirai to perpetrate its attacks. It is estimated that this botnet was composed of more than 600,000 smart home devices connected to the internet.
That was not all: the source code of Mirai was published on open source forums, which resulted in this technique being used in other malware projects. In fact, during 2023 there were several attacks in which some of its variants were used.
"Anyone who installs a router, a camera, a TV or any other IoT device and does not change the default password is helping cybercriminals carry out this type of attack.
Why? It happens that those who carry out DDoS attacks are aware of the default passwords of many IoT devices and, if the fateful October 21, 2016 taught us anything, it is that anything that connects to the Internet poses a risk," concludes Gutiérrez Amaya, from ESET Latin America.
What can be done about it? ESET shares the following recommendations:
- Treat IoT devices the same way as a personal computer and take the same care with them, such as immediately changing the default password and regularly checking for security patches.
- Use the HTTPS interface whenever possible and, when the device is not in use, turn it off. If it supports other connection protocols that are not in use, it is best to disable them.