Page 84 - Cyber Warnings August 2017
P. 84

Targets
               Although rather devastating for the user, the target base was limited. Brickerbot uses a
               ‘busybox’ command as part of the attack. This indicates the targets were limited to
               Linux/BusyBox based IoT devices. The device, for the attack to be effective, has to have the
               telnet port open and accessible by the internet.

               This may appear to be limiting, however there may be up to 21 million devices vulnerable to
               this. TheJanit0r had claimed to have bricked over 2 million IoT devices from January to April
               2017.


               Why?
               The sale focus of this is to brick insecure IoT devices. This act appears to be incredibly callous.
               The unsuspecting user attempts to power up or use the device, to no avail. This view however is
               rather focussed on the singular act in comparison to the overall effect this has had on the
               environment. This internet malady has been the symptom of the continued insecure IoT.
               Seemingly, this would have been addressed when this began to be an issue, however, it was
               not.

               To cease at least a portion of the issue and potentially limit some of the future bot expansion,
               TheJanit0r empowered himself, with no authorization from the affected parties. This in effect
               kept the uninfected devices to be enlisted in the bot army that had been growing substantially.
               There simply had been too many attacks in 2016. The industry refused to police itself.


               Resources

               Biggs, J. (2017, April 25). BrickerBot is a vigilante worm that destroys insecure IoT devices.
               Retrieved from https://techcrunch.com/2017/04/25/brickerbot-is-a-vigilante-worm-that-destroys-
               insecure-iot-devices/

               Cimpanu, C. (2017, April 21). Brickerbot author claims he bricked two million devices. Retrieved
               from https://www.bleepingcomputer.com/news/security/brickerbot-author-claims-he-bricked-two-
               milion-devices/

               Coppock, M. (2017, April 13). New ‘brickerbot’ malware attack kills insecured internet of things
               devices. Retrieved from https://www.digitaltrends.com/computing/brickerbot-malware-targets-
               iot-with-pdos-attacks/

               Goodin, D. (2017, April 6). Rash of in-the-wild attacks permanently destroys poorly secured IoT
               devices. Retrieved from https://arstechnica.com/security/2017/04/rash-of-in-the-wild-attackers-
               permanently-destroys-poorly-secured-iot-devices/




                    84   Cyber Warnings E-Magazine – August 2017 Edition
                         Copyright © Cyber Defense Magazine,  All rights reserved worldwide.
   79   80   81   82   83   84   85   86   87   88   89