IoT news: Haijme and Mirai botnets engaged in battle over IoT
The Haijme malware appears to be securing devices against Mirai infections
20/04/2017: Mirai, the massive botnet that was responsible for knocking offline some of the biggest websites in the world last year, seems to have met its match in the form of another botnet that appears to protecting devices against infection.
The recently surfaced Haijme botnet, first discovered by security researchers at Rapidity Networks in October 2016, has been rapidly infecting tens of thousands of IoT devices over the past few months.
Particularly large clusters have been discovered in Brazil and Iran, accounting for as much as 35% of IoT devices infected with Haijme, although the malware is also present in China, Taiwan, Russia, Turkey, and Australia, according to Symantec researchers.
Unusually however, it appears to have no malicious functionality. Unlike the Mirai botnet, which was responsible for the widespread DDoS attack on websites in the US last year, taking down the likes of Netflix, Twitter and Reddit, the author of the Haijme botnet could very well be a 'White Hat', or an ethical computer hacker trying to stop the spread of malicious botnets.
"There are some features that are noticeably missing from Hajime. It currently doesn't have any distributed denial of service (DDoS) capabilities or any attacking code except for the propagation module," said Waylon Grange, senior threat researcher at Symantec, writing in a blog post.
Instead the malware retrieves a message from its control server and displays it on the terminal approximately every ten minutes, which states: "Just a white hat, securing some systems. Important messages will be signed like this! Haijme author. Contact CLOSED. Stay sharp!"
Although there are similarities between the make of the two botnets, with both using the same programmed username and password combinations, the Haijme relies on peer-to-peer networking for its Command and Control server (C&C) rather than a hard-coded address found in the Mirai malware.
The Haijme malware is therefore considered more robust, stealthier, and generally more difficult to takedown once a botnet is active, according to Symantec.
Once installed, the botnet is able to improve the security of IoT devices by blocking the ports most commonly used by malicious malwares, including Mirai.
Despite the apparent friendly service the botnet offers, Symantec has warned that it is still malware that creates backdoors into an IoT device, and could be mobilised for malicious purposes at any time.
The security firm has made a number of recommendations for customers buying IoT devices, including the changing of any default usernames and passwords that are supplied.
08/02/2017:Half of EU and US businesses 'lag behind' in IoT adoption
Almost half of EU and US businesses are struggling to adopt Internet of Things (IoT) due to "uncoordinated and siloed" approaches to integration, according to a survey.
Of 263 senior IT and business decision makers interviewed on behalf of IT services company HCL Technologies, 49% said that they are "struggling to get off the ground with IoT", and that their customers are likely to suffer as a result of a failure to effectively ultilise the technology in their services.
Although 82% of the respondents, from the US, UK, Germany and the Nordics,agreed that embracing IoT places an organisation in a stronger market position, only 38% have integrated the technology into their operations.
"Many companies have made inroads into the IoT, but when you peel away the layers, very few have embarked on truly transformative programmes," said Sukamal Banerjee, CVP and global head of HCL Technologies.
"This process can be incredibly daunting, so next-generation service offerings will play a crucial role in guiding organisations and helping them discover new types of value and a new, more effective way to compete," Banerjee added.
The report recommends the use of more profitable business models designed for IoT efficiency, and highlights company-wide projects, including the use of sensor data for charging customers or lab equipment providers that use data to automatically replenish supplies to their clients.
However, the findings suggest that businesses are still in the early stage of adoption, where IoT devices are used for single functions rather than company-wide programmes. This means that many customers miss out on IoT-led features that could make a service more user-friendly or provide additional functions.
Security also remains a concern, with 38% of participants citing data protection as the biggest barrier to IoT adoption.
Almost three-quarters of participants said they plan to enlist the support of specialist IoT providers, as they find it difficult to select the IoT platform most appropriate for their business.
IoT at a glance
The IoT describes billions of devices that are all connected to the internet, allowing them to communicate with each other and their users. This can be something simple, such as a smartphone synced with a television, to more complex networks monitoring urban infrastructure and traffic. Today this includes washing machines, fridges, wearables, and walking sticks pretty much any device you can think of can be connected to the web.The most compelling applications of the IoT are within society and industry, where machine learning and AI are revolutionising the way we do business.
The IT Pro guide to Windows 10 migration
Everything you need to know for a successful transitionDownload now
Managing security risk and compliance in a challenging landscape
How key technology partners grow with your organisationDownload now
Software-defined storage for dummies
Control storage costs, eliminate storage bottlenecks and solve storage management challengesDownload now
6 best practices for escaping ransomware
A complete guide to tackling ransomware attacksDownload now