Warnings over a new hacking botnet called ‘Reaper‘ have been issued. It has been identified as the latest major cybersecurity risk to devices connected to the internet, and first emerged in October 2017.
Cybersecurity company Check Point reports that over a million internet connected devices have already been infected, and it doesn’t look like the botnet will be stopped anytime soon. They warn “our research suggests we are now experiencing the calm before an even more powerful storm. The next cyber hurricane is about to come.”
What are “botnets”?
Botnets operate by infiltrating networks and servers to infect millions of computers and internet-connected devices with malicious software. Once infected, the cybercriminal could take control of the devices, using them extract information, take down websites and even launch further attacks.
Avivah Litan, vice president and analyst for tech research company Gartner, urges people to take this cyber threat seriously: “It’s a very big deal,” she says.
A threat that quickly spreads
By identifying and exploiting vulnerabilities, a botnet can spread from device to device. These vulnerabilities are often found in devices like webcams and routers that don’t always have adequate cybersecurity. Manufacturers for these at-risk devices, like Netgear and Linksys, say they’re aware of the risks and encourage their customers to use their support services and websites and keep devices regularly updated so new software can patch up known vulnerabilities.
Security experts are extremely concerned that the new botnet is much more sophisticated than previous ones experienced. Last year, botnet “Mirai” caused a huge amount of disruption and damage when it launched a distributed-denial-of-service attack (DDOS) that led to popular sites like Twitter and Netflix to go down. In the end, “Mirai” was fairly easy to get rid of by simply rebooting affected devices. However, Reaper is expected to infect many more devices and with greater ease as it’s programmed with “automated basic hacking techniques” just by using known vulnerabilities.
What can be done about it?
On the plus side, it has been discovered. While the botnet is still busy infecting devices, organisations and individuals are aware of the risks and therefore have the opportunity to task steps to protect themselves.
Security analysts are confident that once the botnet shows its hand by being used for a specific purpose, it shouldn’t take too long to take it down: “Having a big fat internet hate cannon is neat, and it’s hard to stop for a time, but it’s a bit of a one-trick pony so people will just cut them off the internet eventually,” said one independent security analyst, “the way these exploits appear to work, a firmware upgrade should in theory fix the problem.”
Sounds simple enough, but in practice, the reality of it might not look so clean.
Not all who purchase and use ‘at-risk’ devices may remember, or have the time, to install updates. Firms will need to make a much bigger effort to actively protect themselves and their stakeholders rather than leaving them at risk and expecting to take advantage of updates.
In addition, although the attack may be easily stopped once it has been triggered, it doesn’t mean the damage stops too. In the time between launching the attack and stopping it, cybercriminals may have already stolen enough information to cause trouble elsewhere. Organisations therefore need to take every cyber threat seriously and make sure that they are doing all they can to protect their consumers.