IoT botnets are on the rise and 5G isn’t helping anything

Botnets are more common and coming in more diverse strains than ever before

Botnet graphic

The detection of IoT botnets is at an all-time high and the number of varieties is also steadily rising - two trends that are showing no signs of slowing down.

That's according to Kevin McNamee, director of threat intelligence at Nokia who added that the advent of 5G 'creates more problems than it solves'.

Referencing figures from Nokia's 2019 Threat Intelligence Report, McNamee said the telecoms giant observed 78% of botnets carried active malware, 35% of which shared similarities in either code or attack methodology with 2016's Mirai.

The hugely successful Mirai botnet in 2016 which was responsible for one of the biggest DDoS attacks in history, has inspired a wide portfolio of newer iterations that are pervasively proliferating.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Satori and Reaper botnets are examples of the more malicious variants which succeeded Mirai, while Hajime copied Mirai's attack methodology to plug the vulnerabilities its malicious predecessor exploited in the first place - a bot for good.

Researchers at Unit 42 announced in March that they had discovered another new variant of Mirai that had an updated attack methodology, a wider-reaching attack surface which specifically targeted enterprise IoT devices.

Any device that's visible on the open internet right now can be targeted by an IoT botnet and if it has a vulnerability as well, then it will be hacked within minutes, said McNamee, and the advent of 5G complicates things further.

While the next generation of mobile networking has its cyber security advantages, such as network slicing, it also presents issues that could exacerbate the already growing botnet bother.

"Now with 5G, we're going to be moving to much more devices, bigger networks, higher bandwidth and probably the carriers are going to make decisions around what IP addresses to use and likely they'll use IPv6 addresses [rather than the current IPv4 ones]," said McNamee. "So there is the potential to make the wrong decisions that you're opening up the attack surface by making those devices visible."

He also noted that due to more IoT devices becoming potentially visible, it means that bots can recruit more devices through which it can launch offensives like DDoS attacks. These can then become far more damaging than before due to the larger bandwidth that 5G affords.

Advertisement - Article continues below

"More IoT devices means bigger botnets," he said. "So nowadays, when you see a botnet of 100,000 bots, think five years down the road, [we could see] a botnet of 1 million, 2 million or 10 million bots."

In addition, the ability for a 5G network to be 'sliced' or segmented by the carrier might also present problems that it otherwise intends to solve.

Network slicing is emblematic of classic cyber security best practice: segmenting different parts of a network so attackers can't move across the whole company. Alongside the more inherently secure and encrypted 5G control plane, the slicing capability gives businesses an added layer of network security and a way of mitigating the negative possibilities of attacks exploiting higher bandwidths.

However, segmenting the network can also make an attacker's job easier by signposting where the information they want resides. It's like the context page of a textbook indicating the page of a topic but also the pages on which you can easily find different sub-topics.

Featured Resources

Transform the operator experience with enhanced automation & analytics

Bring networking into the digital era

Download now

Artificially intelligent data centres

How the C-Suite is embracing continuous change to drive value

Download now

Deliver secure automated multicloud for containers with Red Hat and Juniper

Learn how to get started with the multicloud enabler from Red Hat and Juniper

Download now

Get the best out of your workforce

7 steps to unleashing their true potential with robotic process automation

Download now
Advertisement

Recommended

Visit/security/354156/google-confirms-android-cameras-can-be-hijacked-to-spy-on-you
Security

Google confirms Android cameras can be hijacked to spy on you

20 Nov 2019

Most Popular

Visit/security/vulnerability/354309/patch-issued-for-critical-windows-bug
vulnerability

Patch issued for critical Windows bug

11 Dec 2019
Visit/cloud/microsoft-azure/354230/microsoft-not-amazon-is-going-to-win-the-cloud-wars
Microsoft Azure

Microsoft, not Amazon, is going to win the cloud wars

30 Nov 2019
Visit/operating-systems/microsoft-windows/354297/this-exploit-could-give-users-free-windows-7-updates
Microsoft Windows

This exploit could give users free Windows 7 updates beyond 2020

9 Dec 2019
Visit/hardware/354193/buy-it-to-grow-not-slow-your-business
Sponsored

Buy IT to grow, not slow, your business

25 Nov 2019