“IoT Devices Beware: The BrickerBot”


Dear Blast Readers,

 

Do you leave your IoT (Internet of Things) devices connected to the internet? Did you know that leaving your IoT devices connected to the internet, even when you are not using them, gives hackers more time to gain control of your devices? Did you know that there is a form of malware that leaves your device impossible to use once infected?

 

A BrickerBot is a form of malware that has been created to infect a collection of devices. The “Bricker” in “BrickerBot” is referring to rendering a device, or devices, completely useless or inoperable, like a brick used as a paperweight. This is accomplished when the BrickerBot corrupts the device’s storage capabilities.

 

The way in which BrickerBots behave does not always match the behavior of traditional botnets. A botnet is a network of devices that have been infected. Their purpose is to keep the infected devices around for as long as possible.

 

Most botnets can be used for:

  • Sending out spam.
  • DDoS Attacks (also known as “Distributed Denial of Service Attacks”).
  • Phishing Attacks.

 

BrickerBot malware uses a “Permanent Denial of Service” (PDoS) attack. This is when the BrickerBot physically disables the device.

 

How?

 

The device is physically disabled when the BrickerBot corrupts the firmware on the devices. Usually the only way to fix this is to replace the device, or if possible re-install the firmware.

 

BrickerBots use a set of commands to help accomplish their end goal of “Bricking” your smart devices. These commands will:

  • Render flash storage useless by writing random bits to the storage drives on the devices.
  • Disable TCP timestamps, leaving connectivity vulnerable.
  • Limit the processes that the devices can run at once.
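
The three behaviours listed above can be turned into a simple detection pass over shell commands recorded on a device or honeypot. This is an added example, not code from the original article; the log format, the regular expressions and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict

# Assumed log format (constructed for this example):
#   <timestamp> src=<ip> user=<name> cmd="<shell command>"
LINE = re.compile(r'^(?P<ts>\S+) src=(?P<src>\S+) user=(?P<user>\S+) cmd="(?P<cmd>.*)"$')

# One pattern per behaviour from the list above. The patterns are assumptions.
RULES = {
    # random data redirected or dd'ed onto a flash/block device
    "flash_overwrite": re.compile(
        r"/dev/u?random\b.*?(?:>|of=)\s*/dev/(?:mtd|mmcblk|sd)\w*"),
    # TCP timestamps switched off through sysctl or /proc
    "tcp_timestamps_off": re.compile(
        r"tcp_timestamps\s*=\s*0|echo\s+0\s*>\s*/proc/sys/net/ipv4/tcp_timestamps"),
    # kernel thread ceiling changed, which caps concurrent processes
    "process_limit": re.compile(
        r"kernel\.threads-max\s*=\s*\d+|echo\s+\d+\s*>\s*/proc/sys/kernel/threads-max"),
}

# Constructed sample input; addresses come from documentation ranges.
SAMPLE_LOG = """\
2017-04-20T03:14:05Z src=203.0.113.7 user=root cmd="sysctl -w net.ipv4.tcp_timestamps=0"
2017-04-20T03:14:06Z src=203.0.113.7 user=root cmd="sysctl -w kernel.threads-max=1"
2017-04-20T03:14:07Z src=203.0.113.7 user=root cmd="cat /dev/urandom >/dev/mtdblock0"
2017-04-20T09:30:11Z src=198.51.100.20 user=admin cmd="sysctl -w net.ipv4.tcp_timestamps=0"
2017-04-20T09:31:40Z src=198.51.100.20 user=admin cmd="dd if=/dev/mtdblock0 of=/tmp/backup.bin"
2017-04-20T09:32:02Z src=192.0.2.50 user=admin cmd="head -c 16 /dev/urandom > /tmp/nonce"
"""

def classify(cmd):
    """Return the sorted names of every rule the command matches."""
    return sorted(name for name, rx in RULES.items() if rx.search(cmd))

def triage(log_text):
    """Group matches by source address and keep only the sources worth an alert."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # ignore lines that do not fit the assumed format
        seen[m["src"]].update(classify(m["cmd"]))
    # Alert on any flash overwrite, or on two or more behaviours from one source.
    return {src: sorted(hits) for src, hits in seen.items()
            if "flash_overwrite" in hits or len(hits) >= 2}

if __name__ == "__main__":
    for src, hits in triage(SAMPLE_LOG).items():
        print(f"ALERT {src}: {', '.join(hits)}")
```

A single tuning change, such as an administrator disabling TCP timestamps, does not raise an alert on its own; the rule fires on the combination of behaviours or on any write of random data to a storage device.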

 

How are you supposed to protect yourself from a BrickerBot?

To protect yourself and your IoT devices from BrickerBots, you should:

  • Change your login information (BrickerBots come with a dictionary containing default login information).
  • Limit the internet connectivity your device has. (Leaving your IoT devices connected, especially when you are not using them, gives hackers more time to take control and infect your devices.)
  • Install updates as frequently as they become available.

 

It is important to remember:

  • Every device that is smart and/or has internet connectivity should have STRONG PASSWORDS.
  • Take security into your own hands; do not rely on default security from the manufacturers. (Remember: BrickerBots come with a dictionary that contains default login information. Changing your login information should make your devices harder to hack.)

 

If you have any questions relating to IoT Devices, IoT Security, Hacking, Cyber Security or Computer Forensics contact FDS Global. You can reach us at our office at (954) 727-1957 or by email at RMoody@FDS.Global. Please feel free to visit our website at www.FDS.Global.



“Year of the Hack!”

 

Dear Blast Readers,

 

From everyone here at FDS Global, we would like to wish you a Happy New Year. But as the New Year begins, we are at the most tumultuous point in history when it comes to Cyber Security. Many new threats arose at the end of 2016, and many more will arise in 2017. With claims of the United States Government being HACKED by foreign entities such as Russia and China, companies and laypeople have much to fear, but as an old saying goes, prepare for war but pray for peace. With this saying in mind, the best strategy to counter possible attacks is to prepare your company with the best defenses.

 

Here are some helpful tips that will keep you ahead of the Cyber Criminals and their attacks.

1. Change. If there is one thing that IT professionals and cyber criminals have in common, it is that neither likes change (but for different reasons). IT professionals do not like change because they want to keep the systems and processes static to:

  • Make their lives easier, and
  • Keep their work organized.

Cyber attackers, on the other hand, thrive on static networks. If a network does not change, they can study it and learn all the ins and outs, using that knowledge to compromise your data.

If you want to make the life of a cyber criminal difficult, create an environment that prospers with change (meaning move your data, change the network design and change passwords regularly).

2. Use Antivirus and Antimalware software. Antivirus and Antimalware software is critical to any company's defense against cyber-attacks. The most important key to using Antivirus and Antimalware software is updating it regularly; this helps protect against zero-day attacks. Zero-day attacks use viruses and malware recently created.

3. Monitor for irrelevant information usage. It is important to watch for activity that does not make sense for your company/organization. Cyber criminals do their homework before they attack a company/organization, meaning they know how to slip through the cracks. An employee who no longer works with the company doing something inside the network is an example of suspicious activity. Being vigilant can help stop data breaches.

4. Back Up your IT Environment. Did you know that one of the leading causes of Data Loss is human error? To help prevent data loss, back up your IT environment, so that if something happens you have a recovery point to start from. Having a recovery point will help reduce the amount of information lost and decrease the amount of time until your company is back up and running.

5. Train your Employees in Cyber Security. Cyber Security education and training is important for employees to learn. It teaches them why it is important to watch for suspicious activity, as well as the importance of changing passwords. Teaching employees this will help you have a more vigilant work force.

 

If you have any questions on Strong Passwords, Good Antivirus and Antimalware software, what constitutes “irrelevant network usage”, the proper way to back up your IT Environment, or are interested in FDS Global’s Cyber Security Training and the CLE credits that coincide, please contact us by phone at 954-727-1957, or by email at rmoody@forensic-data-svc.com. Also, visit our website at www.FDS.global.