In the wake of the Reaper botnet, Paul Lipman, CEO of award winning consumer cybersecurity company, BullGuard, has urged the security industry and device manufacturers to address the growing threat from unprotected smart devices.
The call follows the discovery of the latest Internet of Things (IoT) botnet threat, known alternatively as Reaper or IoT Troop that has already enveloped smart devices on more than a million networks worldwide.
Reaper uses actual software hacking techniques to break into devices – evolving beyond the October 2016 Mirai IoT botnet, which exploited weak or default passwords on impacted IP cameras and internet routers, and took down major websites across the U.S. including Twitter, Netflix and the New York Times. Reaper’s potential for major Distributed Denial of Service (DDOS) attacks that rapidly take down online services is enormous, and makes last year’s Mirai IoT botnet look like child’s play.
“Reaper is a landmark evolution for hacked smart devices. Unlike Mirai it doesn’t rely on exploiting devices with simple default credentials, rather it exploits numerous vulnerabilities in different IoT devices. It uses sophisticated techniques to hack routers and various smart devices,” said Paul Lipman, CEO of BullGuard.
“The industry must wake up and address this issue. Taking down websites may seem relatively innocuous, but Reaper has the potential to cause massive amounts of damage including crashing important online services. How long before we see organizations held to ransom or critical national infrastructure brought to a halt? These are very real and plausible scenarios, yet those responsible for security seem to have gone to sleep,” added Lipman.
378 Million Devices Potentially Vulnerable to Hacking in 2017
The scale of poor IoT device security was recently revealed by an analysis of BullGuard’s IoT Scanner, a tool that scans home networks searching for vulnerabilities. Approximately 310,000 users accessed the BullGuard IoT Scanner to scan their network for vulnerabilities.
The scan analysis revealed that 4.5 percent, or nearly 14,000 devices, could be easily hacked. Industry analysts at Garner forecast that 8.4 billion connected things will be in use worldwide in 2017, and will reach 20.4 billion by 2020. Extrapolating BullGuard’s IoT Scanner results means 378 million devices are potentially vulnerable to hacking now, growing to more than 900 million potentially susceptible devices by 2020.