IoT botnets: Thingstream versus the rise of the robots

With the abundance of IoT devices comes the proliferation of malware designed to exploit them. This is, of course, inevitable and, for the most part, there’s very little anyone can do about it. The age of the IoT botnet is truly upon us.

The standard approach to dealing with these threats is to attempt to keep the hackers out by encrypting everything and locking down the various network layers in the appropriate manner. And when the hackers do get in – which they will, if they want to – you just have to batten down the hatches and employ damage limitation measures. That’s just the way it is. Or is it?

Rise of the robots – the IoT botnet

Along with a generally consistent rise in cybersecurity exploits, the number of botnet attacks worldwide has also been gathering pace, with IoT networks providing the necessary weaponry. According to Check Point Software Technologies, the number of attacks targeting IoT and networking has doubled in just two months, putting IoT devices right in the spotlight and highlighting an alarming trend for those operating in the IoT space.

What is an IoT botnet?

An IoT botnet is a network of IoT devices whose control has been taken over by a malicious actor. By infecting IoT devices with malware, the hacker is able to gain control of the devices and use them for their own ends. A good example of this is the Mirai malware, which emerged in 2016, initially taking control of consumer devices such as routers and webcams for use in DDoS (Distributed Denial of Service) attacks.

Since its inception, several variants of Mirai have been created and many others like it have followed suit. Although consumer devices appear to be the main draw for hackers, the net is widening. As many commercial and industrial IoT devices use the same protocols and software as consumer devices, these networks are also becoming convenient targets. What hacker wouldn’t want to add hundreds or thousands of IIoT devices to their arsenal of bots?

Thingstream – the botnet-proof network

It would be foolish to say that devices in the Thingstream ecosystem are unhackable. No device, network or computer connected to the internet is 100% safe. However, devices connected using Thingstream’s MQTT Anywhere do have a distinct advantage which leaves them almost impervious to hackers and makes it impossible for the devices to become part of a botnet.

Most IoT devices communicate over TCP/IP, be that via WiFi, cellular data or other means of wireless communication, so there is always a direct connection to the internet. This means there’s always a way to get in and, perhaps more importantly, the device can then use that internet connection to attack other online entities. For MQTT Anywhere connected devices, this is not the case. Instead of using TCP/IP, MQTT Anywhere uses the GSM voice network to publish and subscribe to MQTT messages via the Thingstream platform. No TCP/IP means devices don’t have an IP address and are therefore completely invisible to the internet. This means that even if the device is compromised locally – for example, if someone were to load malware directly onto the device from a USB stick – it is simply not capable of being part of a botnet. For Thingstream, IoT botnets are simply a non-problem.

IoT without the internet

The internet-free IoT method also has benefits when considering other types of IoT-related exploit. Another type of attack that is gaining pace with the adoption of IoT is where hackers take control of your devices, halting their operation, changing how they operate or stealing data in order to blackmail or somehow damage the business of the party on the receiving end of the attack.

By having no visible presence on the internet, MQTT Anywhere-enabled devices also make this practice very difficult for would-be hackers. Due to its unique use of the GSM voice network, messages from the device to the platform and vice versa don’t go anywhere near any of the protocols used or network layers compromised by popular exploits.

Is MQTT Anywhere hack-proof?

Of course not. Nothing is. However, if a hacker wanted to harvest data from or control a Thingstream-connected device, not only would they need to be in exactly the right place, at exactly the right time, with the right hardware and knowledge of how the device itself has been interfaced with the Thingstream client SDK, they would also need inside information on the cellular network being used. Not impossible, just very, very difficult.

In conclusion

As the Internet of Things continues to grow, its part in the world of electronic warfare will grow with it. Over time, billions of IoT devices will become pawns in unknown battles, working for unknown masters. Don’t want to be a part of that? Consider a botnet-proof network. Consider MQTT Anywhere.

For more information on how you can create a future-proof, secure IoT network, get in touch.

