IoT botnets: Thingstream versus the rise of the robots

With the abundance of IoT devices comes the proliferation malware designed to exploit them. This is, of course, inevitable and for the most part, there’s very little anyone can do about it. The age of the IoT botnet is truly upon us.

The standard approach to dealing with these threats is to attempt to keep the hackers out by encrypting everything and locking down the various network layers in the appropriate manner. And when the hackers do get in – which they will, if they want to – you just have to batten down the hatches and employ damage limitation measures. That’s just the way it is. Or is it?


Rise of the robots – the IoT botnet

Along with a generally consistent rise in cybersecurity exploits, the number of botnet attacks worldwide has also been gathering pace with IoT networks providing the necessary weaponry. According to Check Point Software Technologies, the number of attacks targeting IoT and networking has doubled in just two months putting IoT devices right in the spotlight and highlighting an alarming trend for those operating in the IoT space.

What is an IoT botnet?

An IoT botnet is a network of IoT devices whose control has been taken over by a malicious actor. By way of infecting IoT devices with malware, the hacker is able to gain control of the devices and use them for their own means. A good example of this is the Mirai malware which emerged in 2016, initially taking control of consumer devices such as routers and webcams for use in DDoS (Distributed Denial of Service) attacks.

Since its inception, several variants of Mirai have been created and many many others like it have followed suit. Although consumer devices appear to be the main draw for hackers, the net is widening. As many commercial and industrial IoT use the same protocols and software as consumer devices, these networks are also becoming convenient targets. What hacker wouldn’t want to add hundreds or thousands of IIoT devices to their arsenal of bots?

Thingstream – the botnet proof network

It would be foolish to say that devices in the Thingstream ecosystem are unhackable. No device, network or computer connected to the internet is 100% safe. However, Thingstream IoT enabled devices do have a distinct advantage which leaves them almost impervious to hackers and makes it impossible for the devices to become part of a botnet.

Where most IoT devices use TCP/IP to communicate, be that via WiFi, cellular data or other means of wireless communication, there is always a direct connection to the internet. This means there’s always a way to get in and perhaps more importantly, that device can then use that internet connection to attack other online entities. For Thingstream connected devices, this is not the case. Instead of using TCP/IP, Thingstream uses the GSM voice network to publish and subscribe to MQTT messages via the Thingstream platform. No TCP/IP means devices don’t have an IP address and are therefore completely invisible to the internet. This means that even if the device is compromised locally – for example, if someone were to load the malware directly onto the device from a USB stick – it is simply not capable of being part of a botnet. For Thingstream, IoT botnets are simply a non-problem.

IoT without the internet

The internet-free IoT method also has benefits when considering other types of IoT related exploit. Another type of attack that is gaining pace with the adoption of IoT is where hackers take control of your devices, halting their operation, changing how they operate or stealing data in order to blackmail or somehow damage the business of the party on the receiving end of the attack.

By having no visible presence on the internet, Thingstream IoT enabled devices also make this practice very difficult for would-be hackers. Due to its unique use of the GSM voice network, messages from the device to the platform and vice versa don’t go anywhere near any of the protocols used or network layers compromised by popular exploits.

Is Thingstream hack proof?

Of course not. Nothing is. However, if a hacker wanted to harvest data from or control a Thingstream connected device, not only would they need to be in exactly the right place, at exactly the right time, with the right hardware and knowledge of how the device itself has been interfaced with the Thingstream client SDK, they would also need inside information on the cellular network being used. Not impossible, just very, very difficult.

In conclusion

As the Internet of Things continues to grow, its part in the world of electronic warfare will grow with it. Over time, billions of IoT devices will become pawns in unknown battles, working for unknown masters. Don’t want to be a part of that? Consider a botnet-proof network. Consider Thingstream.

For more information on how you can create a future-proof, secure IoT network, get in touch.


Lee Stacey, Content Lead at Thingstream

Lee Stacey

Content & Community Lead @ Thingstream

Connect with Lee Stacey on Linkedin

Ready to get started with Thingstream's IoT Connectivity Platform?