Malware Aims to Brick IoT Devices

Home automation is a growing trend, and as smart technology evolves so does the consumer’s in home use for it. We have smart devices everywhere: TVs, refrigerators, washers, driers, even light bulbs, just to name a few items that ultimately comprise the Internet of Things (IoT). However, as we have seen in the headlines this year with Amazon’s Echo, these devices can fall prey to unintended use that could be exploited by hackers costing you time and even worse, a hefty hit to the wallet.

Introduction to Phlashing

You may have heard of phishing or vishing at some point in your career or from the network security team at your organization. These two methods are related to social engineering attacks, but phlashing is a relatively new term that has nothing to do with social engineering and everything to do with denial of service (DoS) attacks. Phlashing is a permanent DoS attack that exploits flaws in firmware updates. These vulnerabilities are being exploited by hackers to wreak havoc on IoT devices, and as we have seen with the spikes in ransomware attacks and other new trends, this will likely evolve as the IoT grows in the future. This article from The Register (an online tech publication in the UK) discusses phlashing attacks dating all the way back to 2008.

BrickerBot breaks IoT Devices

Fast forward to the current IoT we know, and we see a new type of malware being called “BrickerBot” that aims to attack unsecured IoT devices and destroy them via phlashing. BrickerBot is interesting because until its discovery, experts traditionally saw hackers using IoT devices for botnets where their primary function was to run DDoS attacks, and they were more financially motivating for hackers. BrickerBot is worrisome (especially to the consumer) because previously if your TV was a part of a botnet, you saw little to no issue since it didn’t impact you or your wallet. However, if your TV is permanently destroyed internally you must hope there is a way to get the firmware reset or go out and dish out cash for a new one (not a great alternative for anyone). The problems from this malware are obvious, but the extent of the attacks and how they will transform has likely yet to be seen.

Why IoT Devices?

Many experts are hinting around the arena that this malware is the potential activity of a vigilante hacker or group of hackers that wish to secure the IoT by removing unsafe devices. There are also some theories pointing out that this could be the work of someone targeting the use of default administrative credentials as a security vulnerability. Of course, while the intentions of these methods are to minimize or even eradicate security flaws on the IoT, they are very questionable given the nature of the state the effected devices are left in.

How Can Individuals Protect Themselves?

BrickerBot and any other malware that aims to cause a DoS scenario with a device or network is a large concern to organizations and individuals. Fortunately, many of the consumer level devices on the IoT are setup behind a gateway (such as a router), so they are difficult for an attacker to discover directly from the public Internet. However, consumers and companies alike should still be aware of the brand of the devices they are purchasing. Sticking with brand names you know and trust is recommended since they are more likely to push out updates and patch vulnerabilities as they are discovered.

By Aaron Dellamano