Turning Internet of Things(IoT) into Internet of Vulnerabilities (IoV) : IoT Botnets
This addresses security risks for IoT users and networks, but is largely incremental as it synthesizes existing knowledge without new technical solutions.
The paper examines how IoT botnets have transformed IoT devices from safety enablers into security vulnerabilities, highlighting that many devices are publicly accessible and have inadequate security. It outlines botnet anatomy, discusses major DDoS incidents and exploited vulnerabilities, and provides mitigation recommendations including cyber insurance.
Internet of Things (IoT) is the next big evolutionary step in the world of internet. The main intention behind the IoT is to enable safer living and risk mitigation on different levels of life. With the advent of IoT botnets, the view towards IoT devices has changed from enabler of enhanced living into Internet of vulnerabilities for cyber criminals. IoT botnets has exposed two different glaring issues, 1) A large number of IoT devices are accessible over public Internet. 2) Security (if considered at all) is often an afterthought in the architecture of many wide spread IoT devices. In this article, we briefly outline the anatomy of the IoT botnets and their basic mode of operations. Some of the major DDoS incidents using IoT botnets in recent times along with the corresponding exploited vulnerabilities will be discussed. We also provide remedies and recommendations to mitigate IoT related cyber risks and briefly illustrate the importance of cyber insurance in the modern connected world.