
White Hat Worms and Cyber Wars: The IoT is Vulnerable and Growing


As tensions between the US and North Korea continue to rise, many fear that a lack of diplomacy between the two nations could lead to nuclear conflict.

While plenty of experts would argue that both countries have too much to lose by involving themselves in military conflicts with one another, plenty more are concerned nonetheless.

Mark Gollom, writing for CBC, thinks that while both leaders are likely desperate to avoid pre-emptive strikes, “there remains the threat, albeit small, of a miscalculation — that amplified rhetoric, a military mistake, or the misinterpretation of an action by any of the main actors in the region could snowball into something much larger.”


“The real question now [is:] is somebody going to make a stupid mistake? Because some kind of minor escalation could get out of hand,” said senior defense analyst at the RAND Corporation, Bruce Bennett, in an article with CNN.

Secretary of Homeland Security John Kelly agrees that nuclear conflict is unlikely — however, he is more concerned about a different type of attack.

“In the case of North Korea, you know, a kinetic threat against the United States right now I don’t think is likely,” Kelly told Chuck Todd of NBC News, “but [they are] certainly a cyber-threat.”

Cyber War Looming… Loading…

The first publicly known, intentional act of cyber warfare occurred in 2010 with the identification of the Stuxnet virus, which specifically targeted, infected and sabotaged the budding Iranian nuclear program. Stuxnet’s successor, Flame, was found to be able to access and transmit itself via a device’s Bluetooth beacons, an ability unique among viruses at the time.

However, five years later, with the rise of a poorly secured internet of things (IoT), the potential for malware to spread wirelessly between internet-connected devices has risen dramatically. The door is open now more than ever for cyber attacks.


Eugene Kaspersky, the founder of the world-renowned Kaspersky Lab security company, has been vocal about his fear of a potential “fire sale” attack against populated areas for a while now. Made popular in the 2007 film Die Hard 4, the fire sale scenario refers to “a potential remote attack on critical infrastructure, including power stations and transport systems.”

While the movie depicted a fictitious terrorist attack on the US, one former cyber security expert with the US Marine Corps, David Kennedy, would claim that we’re “already involved in a cyber war” with Russia, one that began escalating with the allegations of election tampering in 2016. This says nothing of individual attacks, such as the 2015 hack of the US Office of Personnel Management, likely by Chinese state-sponsored actors.

While things haven’t escalated to fire sale status by any means, experts worry that it will take a “cyber Pearl Harbor” before the US commits to bolstering its cyber security.

The Vulnerable, Growing IoT

With approximately 5.5 million new devices connected every day in 2016, the looming 4G to 5G broadband transition in 2017, and continued exponential growth in Big Data, the industry that fuels the IoT, the Internet of Things is on track to grow beyond 50 billion devices and $470 billion by 2020. Unfortunately, as more and more Internet-connected devices hit the market, it becomes ever more apparent that the IoT’s security infrastructure is supremely lacking.

Scientific American published an article by Larry Greenemeier in late 2016 titled “IoT Growing Faster Than the Ability to Defend It.” Greenemeier uses the October Dyn DDoS attack as a major supporting part of his argument:

“Last week’s distributed denial of service (DDoS) attacks—in which tens of millions of hacked devices were exploited to jam and take down internet computer servers—is an ominous sign for the Internet of Things. A DDoS is a cyber attack in which large numbers of devices are programmed to request access to the same Web site at the same time, creating data traffic bottlenecks that cut off access to the site. In this case the still-unknown attackers used malware known as ‘Mirai’ to hack into devices whose passwords they could guess, because the owners either could not or did not change the devices’ default passwords.”

While Mirai only prompted a botnet-fueled DDoS attack, a rise in automated drone deliveries as well as hackable cars and trucks on the road gives cause for greater concern, the type that Robert Abel, writing for SC Media, might call a Skynet situation.

Potential Solutions

One of the more popular cyber-security myths that people attribute to hackers is that they are adept beyond measure, and gifted in the language of computers and mathematics. In short: they’re geniuses, right?

The thing about the Mirai virus and the Dyn DDoS attack, however, is that they were likely the work of script kiddies, low-level hackers who troll the internet with simple tricks, as opposed to any type of genius-level, politically motivated hackers. Furthermore, the only reason that Mirai was so successful was a mixture of consumer ignorance and manufacturer negligence.

Mirai was really only able to hack devices that were manufactured with poor security settings in the first place, ones that don’t prompt users to change the default passwords, and even ones that literally don’t allow the user to change the default password. Professionals are not the only ones looking to manufacturers to shore up IoT security: according to a new study of over 2,000 US adults conducted by Radware/Harris Poll, some 69% of consumers hold device manufacturers responsible for making sure devices in consumers’ homes can’t be manipulated by hackers.

While the majority of consumers are looking to manufacturers for a solution, one white hat hacker is taking matters into his/her own hands with a countermeasure called “Hajime” — only this countermeasure is actually another worm that’s infected tens of thousands of devices.

It’s essentially the same type of worm as Mirai: it infects devices through the same vulnerable ports and then just sits there, preventing Mirai from also infecting the device. In a file Hajime drops into your system, you can read a message left by the developer: “Just a white hat, securing some systems,” the message reads. “Stay sharp!”

Further Vigilance Required

Unfortunately, while Hajime seems like a good start to securing the IoT, the vigilante nature of this “patch” means that the virus’s controller could use it for malicious purposes later on. The fact that Hajime is preventing the Mirai botnet from propagating doesn’t necessarily supersede the fact that Hajime is technically a botnet as well.

At the flick of a switch, its controller could launch just as devastating a DDoS attack as the one in 2016. Such uncertainty is often the case when dealing with vigilante justice, making this solution less than ideal.

There has yet to emerge a true solution for the “wildly insecure and often unpatchable Internet of Things.” That would require some measure of manufacturer proactivity, government regulation, or perhaps a mixture of the two. Nobody is certain. What is certain is that some vigilante, a digital Dark Knight of sorts, seems to be doing more to secure the IoT than its creators or its protectors — and that is a problem.

View Comments (3)


  1. Joe Cohen

    May 4, 2017 at 2:31 AM

    It’s amazing both how damaging the IoT is and also how much this is something people aren’t aware of. Our own webcams, IP-connected baby monitors, and routers and other connected devices are capable of being part of a botnet and joining a DDoS attack – without our knowledge or doing anything intentionally malicious.

    Luckily, cybersecurity companies are getting more aware of this – ESET now lets you scan your network for potential botnets and Incapsula came out with a Mirai scanner to pinpoint vulnerabilities: https://www.incapsula.com/mirai-scanner/

    Of course, who is scanning the ubiquitous security cameras that have already been used to take down Dyn and launch other attacks?



Andrew Heikkila is a blogger and tech enthusiast from Boise. He enjoys writing about cyber-security and other pertinent issues, and does it all while listening to smooth jazz. You can follow Andy @AndyO_TheHammer on Twitter.
