Hackers have unleashed a new kind of malware that damages the systems of Internet of Things (IoT) devices so extensively the devices become useless. The malware has been dubbed BrickerBot because it turns these devices into little more than expensive bricks.
Security researchers are unsure why hackers are destroying IoT devices. What’s not in question, though, is the seriousness of this malware threat. To warn businesses about it, the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), which is part of the U.S. Department of Homeland Security, has issued a security alert.
A list of all the affected IoT devices is not yet available. However, the researchers who discovered BrickerBot note that the hackers targeted Linux-based devices that had their Telnet port open and exposed publicly on the Internet. These devices were running a specific toolkit called BusyBox.
The BrickerBot malware uses brute-force password-cracking attempts to gain access to Telnet accounts with default or weak passwords. Once inside a device, it uses a series of Linux commands to destroy the device’s basic system functions.
To protect your IoT devices from BrickerBot and similar malware, ICS-CERT recommends several actions:
- Change each device’s default password to a unique, strong one.
- Disable Telnet access.
- Make sure the devices do not directly connect to the Internet.
- Place IoT devices behind firewalls, and isolate them from your business network.
- Use a virtual private network (VPN) if remote access to the devices is required.
The bottom line is that, if you use IoT devices, you need to secure them, just like you would secure any other device or machine in your IT environment.