How to protect your Internet of Things devices
Internet-connected devices are nearly ubiquitous, with computer circuitry now found in a variety of common appliances. They can include security cameras, DVRs, printers, cars, baby monitors and refrigerators — even “smart” light bulbs and clothing. Collectively those devices are called the Internet of Things.
The Internet of Things is a big, juicy target for criminals. Up to one million devices were hijacked to create the Mirai botnet which was used to extort companies and bring a university computer system in New Jersey to its knees. The botnet was later exploited to bring down vast swaths of the internet in a sustained attack on Oct. 21, 2016.
Paras Jha, a former Rutgers University student, pleaded guilty Dec. 8 with two other men who admitted they wrote the Mirai code. Named after an obscure anime film character, Mirai scoured the internet for unsecured devices and easily found them.
Once discovered, the Internet of Things devices were hijacked by the Mirai malware and became part of a botnet that launched assaults on internet service providers and scores of websites. Jha, 21, allegedly monetized the botnet by demanding ransom to call off the attacks, using it to inflate the number of advertising clicks on websites, and renting it out to other hackers for their own nefarious ends.
The attacks on Rutgers’ computer system may have cost the school $9 million, prosecutors said. Rutgers officials told NJ.com the cost of enhancing security was one of the reasons the school hiked tuition in 2016.
When Jha discovered federal investigators were closing in, he released the Mirai source code to the world to cover his tracks. The code is still circulating online and causing damage, according to Brian Krebs, of KrebsOnSecurity.com.
Krebs advises taking these precautions to keep your Internet of Things devices protected:
•Avoid connecting your devices directly to the internet.
•Change the default credentials to a complex password that only you will know and can remember.
•Check the defaults, and make sure things like UPnP (Universal Plug and Play, which can easily poke holes in your fire wall without you knowing it) are disabled.
Security News,IoT News
via IoT – Google News http://ift.tt/2p8WBoj
December 26, 2017 at 02:12PM