New IoT malware strain surfaces, targets unsecured devices
By Max Burkhalter, June 28, 2019
Internet of things technologies have spread throughout nearly every commercial and consumer space, but concerns over cybersecurity vulnerabilities continue to challenge their long-term viability. Back in 2017, the infamous BrickerBot worm led to the destruction of thousands of poorly secured IoT devices, Ars Technica reported. This cyber threat was unlike many other programs of its time, as its only goal was to render Linux-based routers and internet-connected devices permanently inoperable. Aptly named a "Permanent Denial-of-Service" attack, this form of digital aggression exploited factory-default credentials to gain remote administrator access to vulnerable devices. A botnet would then execute a series of complex commands that would wipe out IoT devices' storage files and corrupt their firmware, leading to serious damage that was often difficult for end users to repair.
Unlike the Mirai botnet - which sought to build a network of interconnected devices that could be used to temporarily overwhelm a website with more traffic than it could handle - the BrickerBot worm was meant to infiltrate a wide range of storage devices, such as network servers, and deliver a killing blow. Although researchers were unable to discover the true motive behind these PDoS attacks, some experts believe the hackers were trying to push IoT device owners to get serious about cybersecurity by forcing them to update their credentials to prevent permanent and costly damage.
The rise of Silex malware
The reign of BrickerBot was relatively short-lived, yet it managed to inspire several copycat malware programmers to follow suit. On June 25, a researcher from Akamai, the U.S.-based content delivery network and cloud service provider, identified a new strain of malware that operates in a similar fashion to the 2017 BrickerBot worm, ZDNet reported. This emergent cyber threat, named "Silex," is quickly becoming a major issue for IoT owners, as it is able to efficiently destroy a device's storage, negate its firewall protocols, scramble its network configurations and bring all internal processes to a complete halt. Within the first five hours of its release, Silex had already "bricked" around 2,000 devices, and many experts expect the number to spike over the coming weeks.
To restore a device that has been wiped by the Silex malware, users must completely reinstall its firmware, reconfigure its network settings and update its credentials to prevent a follow-up attack. While experienced IT professionals will likely be able to perform these tasks proficiently, the average consumer may find the process confusing. That said, network administrators working with enterprise-level systems may also be in for a rude awakening, as Silex is able to infiltrate any Linux server that has open Telnet ports and shared default credentials.
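For administrators who want to check a Linux host for the first of those two conditions, a Telnet listener reachable from the network, here is an added example that is not part of the original article. The function name `telnet_exposed` and the sample `ss` output are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag Telnet listeners that are reachable from the network.
# Reads the output of `ss -H -ltn` (Linux iproute2) on stdin.
# On a live host:  ss -H -ltn | telnet_exposed

telnet_exposed() {
    # $1: TCP port to look for (default 23, the standard Telnet port)
    awk -v port="${1:-23}" '
        $1 == "LISTEN" {
            addr = $4                          # "Local Address:Port" column
            n = split(addr, parts, ":")
            if (parts[n] != port) next         # some other service
            host = substr(addr, 1, length(addr) - length(parts[n]) - 1)
            sub(/%.*$/, "", host)              # drop interface scope, e.g. %eth0
            gsub(/[][]/, "", host)             # drop IPv6 brackets
            # Loopback-only listeners are not reachable from other hosts.
            if (host ~ /^127\./ || host == "::1") next
            printf "%s port %s\n", host, port
            found = 1
        }
        END { exit (found ? 0 : 1) }           # 0 = exposed listener found
    '
}

# Constructed sample input in `ss -H -ltn` format (not captured from a real host).
SAMPLE='LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 5 0.0.0.0:23 0.0.0.0:*
LISTEN 0 5 127.0.0.1:23 0.0.0.0:*
LISTEN 0 5 [::1]:23 [::]:*
LISTEN 0 128 [::]:2323 [::]:*'

if printf '%s\n' "$SAMPLE" | telnet_exposed 23; then
    echo "Telnet is listening on a non-loopback address; disable it or restrict access."
else
    echo "No network-reachable Telnet listener found."
fi
```

The check covers only the open-port half of the exposure; whether the device still uses its factory-default credentials has to be verified separately.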
These types of incidents demonstrate the importance of a robust cybersecurity infrastructure, as an organization that loses its entire fleet of IoT devices may find that outright replacing them is more cost-effective than repairing them one at a time. Luckily, Perle offers industrial-grade connectivity tools that can help companies protect their mission-critical servers and maintain their network security. Read some of our customer stories to find out more.