IoT botnets are on the rise and 5G isn’t helping anything

Botnets are more common and coming in more diverse strains than ever before

The detection of IoT botnets is at an all-time high and the number of varieties is also steadily rising - two trends that are showing no signs of slowing down.

That's according to Kevin McNamee, director of threat intelligence at Nokia who added that the advent of 5G 'creates more problems than it solves'.

Referencing figures from Nokia's 2019 Threat Intelligence Report, McNamee said the telecoms giant observed 78% of botnets carried active malware, 35% of which shared similarities in either code or attack methodology with 2016's Mirai.

The hugely successful Mirai botnet in 2016 which was responsible for one of the biggest DDoS attacks in history, has inspired a wide portfolio of newer iterations that are pervasively proliferating.

Satori and Reaper botnets are examples of the more malicious variants which succeeded Mirai, while Hajime copied Mirai's attack methodology to plug the vulnerabilities its malicious predecessor exploited in the first place - a bot for good.

Researchers at Unit 42 announced in March that they had discovered another new variant of Mirai that had an updated attack methodology, a wider-reaching attack surface which specifically targeted enterprise IoT devices.

Any device that's visible on the open internet right now can be targeted by an IoT botnet and if it has a vulnerability as well, then it will be hacked within minutes, said McNamee, and the advent of 5G complicates things further.

While the next generation of mobile networking has its cyber security advantages, such as network slicing, it also presents issues that could exacerbate the already growing botnet bother.

"Now with 5G, we're going to be moving to much more devices, bigger networks, higher bandwidth and probably the carriers are going to make decisions around what IP addresses to use and likely they'll use IPv6 addresses [rather than the current IPv4 ones]," said McNamee. "So there is the potential to make the wrong decisions that you're opening up the attack surface by making those devices visible."

He also noted that due to more IoT devices becoming potentially visible, it means that bots can recruit more devices through which it can launch offensives like DDoS attacks. These can then become far more damaging than before due to the larger bandwidth that 5G affords.

"More IoT devices means bigger botnets," he said. "So nowadays, when you see a botnet of 100,000 bots, think five years down the road, [we could see] a botnet of 1 million, 2 million or 10 million bots."

In addition, the ability for a 5G network to be 'sliced' or segmented by the carrier might also present problems that it otherwise intends to solve.

Network slicing is emblematic of classic cyber security best practice: segmenting different parts of a network so attackers can't move across the whole company. Alongside the more inherently secure and encrypted 5G control plane, the slicing capability gives businesses an added layer of network security and a way of mitigating the negative possibilities of attacks exploiting higher bandwidths.

However, segmenting the network can also make an attacker's job easier by signposting where the information they want resides. It's like the context page of a textbook indicating the page of a topic but also the pages on which you can easily find different sub-topics.

Featured Resources

Shining light on new 'cool' cloud technologies and their drawbacks

IONOS Cloud Up! Summit, Cloud Technology Session with Russell Barley

Watch now

Build mobile and web apps faster

Three proven tips to accelerate modern app development

Free download

Reduce the carbon footprint of IT operations up to 88%

A carbon reduction opportunity

Free Download

Comparing serverless and server-based technologies

Determining the total cost of ownership

Free download

Recommended

Your essential guide to internet security
Security

Your essential guide to internet security

25 Jun 2021

Most Popular

What should you really be asking about your remote access software?
Sponsored

What should you really be asking about your remote access software?

17 Nov 2021
What are the pros and cons of AI?
machine learning

What are the pros and cons of AI?

30 Nov 2021
How to move Microsoft's Windows 11 from a hard drive to an SSD
Microsoft Windows

How to move Microsoft's Windows 11 from a hard drive to an SSD

24 Nov 2021