Connect with us

Cybersecurity

Gafgyt and beyond: Inside IoT DDoS Malware

In a Distributed Denial of Service (DDoS) attack, a cyber attacker overwhelms their target by bombarding them with enormous quantities of fake data, knocking them offline

mm

Published

on

Best DDoS Protection Techniques

In a Distributed Denial of Service (DDoS) attack, a cyber attacker overwhelms their target by bombarding them with enormous quantities of fake data, knocking them offline or significantly impeding their ability to offer service regular to legitimate customers.

Because it’s challenging to overwhelm a target on your own, DDoS attacks almost always use a botnet, a zombie army of remote-controlled connected devices, which can launch coordinated attacks to consume a victim’s upstream bandwidth.

Picture it like recruiting a group of friends, acquaintances, and anyone else you can persuade with access to a phone to call a local business at a particular time repeatedly. While you could annoy by doing this yourself, using a single phone line, by getting a large group of people to do so, you can tie up as many phone lines as the target company might have open at once. You also make it much harder for the beleaguered business to trace the party responsible since all the calls come from different numbers.

A botnet works a lot like this. It refers to a collection of internet-connected devices that have been infected using malware to be controlled by hackers. The name “botnet” is a combination of “robot” and “network.” The biggest botnets have involved hundreds of thousands or even millions of connected devices. Those targets without the proper DDoS mitigation tools can be in serious trouble.

1. Attacking IoT devices

Virtually any internet-connected device can be used as a botnet. All that’s required is that it can send messages on command. That means that while malware-infected desktop and laptop computers have been used in botnet-driven DDoS attacks, they too have smartwatches, intelligent security cameras, intelligent kitchen appliances, and home routers.

Some of the devices are ones their owners may not even think of as computers, although that’s precisely what they are. They may also have no awareness that their device is part of a botnet, perhaps only experiencing the occasional slowdown in service — since many devices in a botnet lie dormant until they’re used for a DDoS attack or, sometimes, for sending spam messages.

cybersecurity is essential to the global supply chain

There are many significant advantages to cyber attackers targeting Internet of Things (IoT) devices such as IP cameras and intelligent refrigerators for DDoS attacks. One is the massive number of devices that can potentially target. According to consumer data company Statista, the average number of connected devices per household in the United States last year was 10. Globally, the firm claims that there are around 21.5 billion interconnected devices.

Just as important is the fact that, in many cases, IoT security can be surprisingly poor. That makes these devices comparably easy to compromise for IoT botnets. Poor security may stem from weak and guessable passwords, often unchanged from their default passwords, insecure ecosystem interfaces, flawed security update methodologies, and more.

2. Botnets in action

Whatever the reasons, hackers have wasted no time targeting these vulnerabilities to build bigger, worse botnets. The devastating Mirai botnet, which emerged in 2016, infected IoT devices by scanning the internet for open ports and then trying to access them by using a list of more than 60 default passwords. It was used as part of multiple DDoS attacks.

Mirai’s tricks continue to be used in similar botnets. More recently, variations of a botnet malware family called Gafgyt have used code from the Mirai botnet to target and potentially infect susceptible IoT devices, including routers made by Huawei and Realtek. It downloads malware payloads that can be used to stage DDoS attacks by exploiting vulnerabilities in these devices.

DDoS attacks have been around for decades, but the approaches used by attackers continue to evolve. As seen with the Gafgyt malware and the continued threat of Mirai and Mirai-inspired botnets, attackers constantly tweak their systems to build larger, more dangerous botnets which can be used to inflict harm on targets.

3. Defending against DDoS

Anyone in possession of an IoT device should take steps to ensure that it is adequately secured. This involves changing the name and default password of machines, using strong passwords, providing firmware updates that are downloaded and installed, and avoiding using public Wi-Fi to access IoT networks.

To defend against DDoS attacks, you should also make sure that you deploy the correct anti-DDoS tools. This includes solutions for DDoS detection (able to recognize attacks as rapidly as possible), diversion (to defend against application-layer and network-layer attacks), filtering (blocking malicious traffic while continuing to let legitimate users through), and analysis (to gather information about attacks and attempted attacks.)

Distributed Denial of Service attacks (DDoS attacks) is not going away any time soon. The most that companies can hope for is preparing for them and figuring out how best to mitigate them. Given the potential damage they can cause — from unwanted downtime to long-term reputational damage — this is one of the smartest investments you can make.

We are an Instructor's, Modern Full Stack Web Application Developers, Freelancers, Tech Bloggers, and Technical SEO Experts. We deliver a rich set of software applications for your business needs.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published.

Cryptocurrency

Top 5 Advantages of Using Crypto Trading Bots

This article will go over the top five benefits of employing crypto trading bots and help you determine if it’s something you should invest in for your enterprise:

mm

Published

on

Ethereum Cryptocurrency

Trading bots for cryptocurrency are truly an excellent method for generating money. They handle your transactions for you, giving you more time to emphasize other aspects of your life. It is feasible to program these robots to employ a variety of trading techniques and to trade regularly.

Before moving into any of these trading technologies, it is advisable to learn crypto trading by enrolling in specialized courses to master the intricacies. This article will go over the top five benefits of employing crypto trading bots and help you determine if it’s something you should invest in for your enterprise:

1. User-Friendliness:

Trading bots for cryptocurrency are effortless and require no technical background. All you want is a list of resources to deal with the bot, your preferred entry/exit parameters, or how often you prefer it to perform using the specified procedures.

These technological solutions can even handle numerous trades at the same time! If you’re a frequent trader who spends a lot of time hopping between several cryptocurrency exchanges, it will save you far more time.

2. Strategy customization option:

cryptocurrency trading bots allow you to create trading strategies. You won’t have to maintain a constant check on your marketplace to keep track of pricing adjustments. The bot will take care of everything. Crypto traders waste a lot of time reviewing their profit limits; therefore, automated methods might be beneficial – they save considerably more space in your day.

High-frequency robots work at frequencies far better than humans can. They execute hundreds of millions of little transactions each day and can make these judgments using complex algorithms.

Cryptocurrencies Bitcoin

3. Risk Management:

Cryptocurrency trading bots let you build up orders for your trades, including terminating all other orders and stopping transactions if one of them fails. This keeps dealers from trailing their whole account balance due to a poor transaction or a series of bad deals.

4. Backtesting:

Finally, you may backtest techniques using statistical information before investing real money, which means you can trade on a digital marketplace first, devoid of risking any cash. Before investing actual money, you may tweak these settings until they’re lucrative or at least worth a try. You may then switch the settings to your existing account and check how they operate when this procedure is done.

5. Transparency:

Most cryptocurrency trading bots are freely available, allowing anybody to scrutinize the code and learn how they operate. This is in contrast to other advanced software, which might be difficult to decipher what’s happening behind the lines.

There are no additional expenses or mysterious methods with these automated processes, so you always know what your bot does. While this may not always be the case with API-based web apps, most standalone programs will offer their original code available for anyone to review before judging whether or not it’s secure.

Overall, cryptocurrency trading bots can save time while improving earnings over time by establishing rules that prohibit unproductive deals from taking place in real-time. Rather than relying on a single instrument, diversify your portfolio with many crypto robots to mitigate risk and boost returns over time.

Continue Reading
Advertisement
Advertisement
Marketing5 hours ago

Manufacturing Cosmetics: How does it work?

Internet2 days ago

6 Fun Activities For Your Next Virtual Corporate Event

Bitcoin3 days ago

Best Dogecoin Mining Pools to Join in 2022

Mobile Apps4 days ago

Why is Geo Location So Important for Delivery Apps?

Internet4 days ago

3 Advantages of Having a Communication API Platform

Business6 days ago

Six Ways You Can Start an Online Counseling Business

Bitcoin6 days ago

What Opportunities of Cheap Cryptocurrency Can be Used for Investment

Computer1 week ago

Dedicated Participation in the RBI Assistant Mock Test

Big Data2 weeks ago

Benefits of Data analytics for Your Business

Cryptocurrency2 weeks ago

Top 5 Advantages of Using Crypto Trading Bots

Advertisement
Advertisement

Trending