Massive zombie botnet could cripple the Internet, slowing traffic to a crawl
Rule #1: Use enough gun
Bigboreshooter posted
http://www.al.com/news/index.s...edium=default-widget

Just as hurricane trackers chart storms in the Atlantic before they make landfall, cybersecurity researchers track viral infections that threaten mayhem. They've found a doozy.

A massive zombie robotic network, or botnet, has expanded to infect "an estimated million organizations" and could bring corners of the internet to its knees, an Israeli cybersecurity company, Check Point Software, says.

"The next cyber hurricane is about to come," Check Point says.

Several cybersecurity researchers Monday confirmed Check Point's findings, saying the botnet could replicate, and perhaps dwarf, the Mirai botnet that almost exactly a year ago took down major websites on the Atlantic Coast, crippling a part of the internet's backbone and slowing traffic to a crawl.

The botnet, which has been named either "Reaper" or "IoTroop," was first detected in mid-September. A Chinese cybersecurity firm, Qihoo 360, says the botnet is swelling by 10,000 devices a day, forcibly recruiting foot soldiers in an ever-larger invisible rogue army.

Cybercrime gangs form botnets by infecting internet-enabled devices, often wireless cameras or routers with weak security features. Once corralled, controllers can send commands for the botnet to overwhelm a target, knocking its website off line or crippling the internet.

The new botnet has spread across the United States, Australia and other parts of the globe, researchers say, although Check Point notes that "it is too early to assess the intentions" of those propagating the infection.

"It could be something that's meant to create global chaos," Maya Horowitz, threat intelligence group manager at Check Point, said in a telephone interview from Israel. "But it could be something that's more targeted," perhaps aimed at a country or industry.

She said it is unlikely that cybersecurity experts will be able to halt an eventual attack.

"The chances are pretty low for that," Horowitz said, adding that like an epidemic of infectious disease, "each infected device is looking for other devices to compromise."

Criminal hackers are assembling increasingly powerful botnets.

"They are getting bigger and badder," said Robert Hamilton, director of marketing at Imperva Incapsula, a Redwood Shores, California, cybersecurity firm that offers technology to mitigate botnet attacks.

"The motive more than ever is money," he said, adding that criminal gangs send ransom demands to companies threatening to hit them with a distributed denial-of-service, or DDoS, attack unless paid off.

"We had a client that received a letter that said 'if you don't pay us, we are going to bring your websites down with a DDoS attack,'" Hamilton said. "This was a client that you'd definitely recognize their name," declining to specify the company.

Last year's Mirai botnet attack hit Dyn, a New Hampshire company that provides backbone services for the internet. Imperva says it found 49,657 infected devices spread over 164 countries. The top infected countries were Vietnam, Brazil and the United States.

Scores of major companies were hit in that Oct. 21, 2016, attack, including Netflix, Twitter, Spotify, HBO, Amazon, CNN, ancestry.com and Comcast.

The new botnet is based on the source code for Mirai, Horowitz said, "but about 100 different functions have been added ... and it has the potential to reach many, many more devices."

The malware creating the botnet is infecting a variety of Internet of Things (IoT) devices but has been found with functions to target networking gear or routers manufactured by D-Link, TP-Link, AVTECH, NETGEAR, MikroTik, Linksys and Synology, Check Point said.

"Since Reaper is exploiting a number of known vulnerabilities in different IoT devices, this botnet could definitely be much more disruptive than Mirai," said Merike Kaeo, chief technology officer at Farsight Security, a San Mateo, Calif., cybersecurity firm. "Known security issues in cameras, televisions, home routers, and any other internet-connected devices need to be addressed and fixed."

Consumers can do their bit by checking to ensure that "all of their internet-connected devices, especially home routers, have the latest firmware upgrades and security patches installed," Kaeo said.



When a strong man, fully armed, guards his own house, his possessions are undisturbed. Luke 11:21


"Every nation in every region now has a decision to make.
Either you are with us, or you are with the terrorists." -- George W. Bush

 
Posts: 14826 | Location: Birmingham, Alabama | Registered: February 25, 2009
"The deals you miss don’t hurt you”-B.D. Raney Sr.
posted
Sometimes I am glad I am no longer officially involved with corporate IT.
 
Posts: 6352 | Location: East Texas | Registered: February 20, 2008
safe & sound
a1abdj posted
I think of these types of scenarios every time somebody tells me that cash is outdated, and that we need to eliminate it and move to an all electronic system.


________________________



www.zykansafe.com
 
Posts: 15923 | Location: St. Charles, MO, USA | Registered: September 22, 2003
Ethics, antics,
and ballistics
Dtech posted
quote:
Originally posted by hudr:
sometimes I am glad I am no longer officially involved with corporate IT.


I sympathize. Agree with ensigmatic below as well. Technology implementation, networking, maintenance, and performance management / availability is one thing. But every time I look back at my IT past, as well as many of the people and corporate environments I know, see, and hear about as time goes on, I can't help but think of the quote from the Tommy Lee Jones, William Strannix character from Under Siege... "I got tired of coming up with last-minute desperate solutions to impossible problems created by other ******* people." and chuckle a little. I much prefer having technology as just an interest and a hobby.


-Dtech
__________________________

"I've got a life to live, people to love, and a God to serve!" - sigmonkey

"Strive not to be a success, but rather to be of value." - Albert Einstein

"A man can never have too much red wine, too many books, or too much ammunition" ― Rudyard Kipling
 
Posts: 4417 | Location: Central Florida | Registered: April 03, 2006
Nullus Anxietas
ensigmatic posted
quote:
Originally posted by hudr:
sometimes I am glad I am no longer officially involved with corporate IT.

I'm constantly glad I'm out of it.

I keep my finger in, in an informational way, but that's it. I do that because the same principles of device and network security that apply there, I can apply at home.

E.g.: DDoS attacks and compromised IoT devices: I have egress filtering on my border router, which limits much of what my internal devices can access on the Internet, and I have bandwidth-limiting rules that prevent "how much" of whatever they can do.

Never mind the usual controls that prohibit all externally-initiated connections except to one internal device, that being my server.

Lastly: I don't use common, consumer-grade hardware.



"America is at that awkward stage. It's too late to work within the system,,,, but too early to shoot the bastards." -- Claire Wolfe
"If we let things terrify us, life will not be worth living." -- Seneca the Younger, Roman Stoic philosopher
 
Posts: 26009 | Location: S.E. Michigan | Registered: January 06, 2008
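
Added example (not part of ensigmatic's post and not his actual configuration): one way the three controls he describes, egress filtering, a bandwidth cap, and no externally initiated connections except to one server, could be written as an nftables ruleset for forwarded traffic on a Linux border router. Interface names, addresses, ports and the rate are constructed assumptions; rules protecting the router itself (an input chain) are left out.

```nftables
#!/usr/sbin/nft -f
# Added example. Interface names, addresses, ports and rates are constructed assumptions.
flush ruleset

define WAN    = "eth0"            # assumed uplink interface
define LAN    = "eth1"            # assumed internal interface
define SERVER = 192.168.1.10      # assumed: the one internally hosted server
define IOT    = 192.168.1.128/25  # assumed: address range handed out to IoT devices

table inet border {
    chain forward {
        type filter hook forward priority 0; policy drop;
        ct state invalid drop

        # IoT traffic is judged first so its rate cap also covers established flows.
        iifname $LAN oifname $WAN ip saddr $IOT jump iot_egress

        ct state established,related accept

        # Externally initiated connections: only to the one server (after DNAT below).
        iifname $WAN oifname $LAN ip daddr $SERVER tcp dport 443 ct state new accept

        # Egress allow-list for the remaining internal hosts.
        iifname $LAN oifname $WAN udp dport { 53, 123 } accept
        iifname $LAN oifname $WAN tcp dport { 53, 80, 443 } accept
        counter drop
    }

    chain iot_egress {
        # Aggregate cap for the whole IoT range: bounds "how much" a compromised device can send.
        limit rate over 128 kbytes/second counter drop
        ct state established,related accept
        udp dport { 53, 123 } accept
        tcp dport 443 accept
        counter drop   # anything else leaving the IoT range is dropped and counted
    }

    chain prerouting {
        type nat hook prerouting priority -100; policy accept;
        iifname $WAN tcp dport 443 dnat ip to $SERVER
    }

    chain postrouting {
        type nat hook postrouting priority 100; policy accept;
        oifname $WAN masquerade
    }
}
```

The `counter` statements make the drops visible in `nft list ruleset`, so a device that suddenly starts hitting the egress drop rule or the rate cap stands out.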
Member
posted
quote:
Originally posted by a1abdj:
I think of these types of scenarios every time somebody tells me that cash is outdated, and that we need to eliminate it and move to an all electronic system.


Me, too. I can't think of many things more ridiculous, risky, and just plain stupid than to make ourselves so vulnerable as to rely on electronic systems - that we have no control over - for our means of survival (cash, or the ability to buy, sell, procure what we need).
 
Posts: 2717 | Registered: November 02, 2009
© SIGforum 2024