The RSocks Botnet Highlights the Security Risks for IoT Devices
There are a lot of ways hackers and cybercriminals can attack personal, business, and government networks and servers. A botnet is one way hackers can lead massive hacking campaigns by infiltrating connected devices worldwide and operated by a single person. These attacks are used to disrupt services, steal crucial information, and gain access to critical systems. A botnet’s strength is in its numbers. Recently, a Russian Botnet known as RSocks consisting of millions of Internet of Things or IoT devices was thwarted by a combined effort of the United States Department of Justice, United Kingdom, Netherlands, and Germany. The attack targeted IoT devices, raising awareness of the vulnerability of such devices.
The Take Down of RSocks
The RSocks botnet hacked into millions of devices worldwide since 2016, when the RSocks Botnet was first detected. The botnet targeted IoT devices such as industrial control systems, routers, smart appliances, audio or video streaming devices, and more. Computers and Android devices soon fell to the botnet as RSocks grew larger.
The botnet was advertised as a proxy service that specialized in residential nodes. Instead of selling legitimate IP addresses through an internet service provider, RSocks sold IP addresses of the devices that had been hacked. Because the IP addresses were residential, it made it difficult for authorities to track the hackers’ location.
The investigation into RSocks began in 2017 with the FBI mapping the infrastructure by purchasing many proxies. The United States Department of Justice reported that the cost for accessing RSocks proxy pools ranged from $30 a day for 2,000 proxies to $200 a day for 90,000 proxies.
Investigators found 325,000 compromised devices, many of which were located within the United States. With the consent of three major botnet victims, the FBI replaced compromised devices with government-controlled computers allowing them to thoroughly map out and shut down the botnet.
How to Protect Your IoT Devices from Botnets
While RSocks has been seized and is no longer in operation, cybercriminals are still building botnets around the globe. Understanding the security shortcomings of IoT devices is essential to protect your devices from malicious attacks. IoT devices are becoming a more common device chosen in hacker attacks as they are often unsecured and are easy targets.
If your business uses IoT devices, you must implement basic security measures to prevent your devices from being used for malicious activities. Recommended security measures include:
- Disconnecting IoT devices when not in use
- Changing default configuration settings such as renaming the hardware
- Choose a strong password
- Keep software and firmware updated
- Set up an alternative network specifically for IoT devices
Protecting your business’s IoT devices might seem complex, but experts are available to help you with your security needs. 4 Corner IT can create a strong security network allowing you to have peace of mind and focus on other business needs. To learn more, call us at 954.474.2204.