Massive IoT-Based DDoS Attack Could Affect Millions Of Devices: Cybersecurity Experts

Cyber attacks have been quite prevalent in 2017, the most recent one being the Bad Rabbit attack, which affected parts of Russia and Ukraine. While the solutions for Bad Rabbit are still being worked upon, there seems to be another cyber attack in the making, called the Reaper Botnet attack.

According to a report by cyber intelligence company Check Point Research, published last week, a new Internet-of-Things (IoT) devices-based Botnet cyber attack could take down millions of devices, dwarfing the scale of previous cyber attacks. A botnet attack is executed using a number of internet-connected devices simultaneously to overwhelm a system with spam requests and steal data.

"So far we estimate over a million organizations have already been affected worldwide, including the U.S., Australia and everywhere in between, and the number is only increasing. Our research suggests we are now experiencing the calm before an even more powerful storm. The next cyber hurricane is about to come," the report says.

The malware being used for the attack, called the Reaper, can simultaneously attack collections of devices such as Wi-Fi routers, causing them to crash and thereby disrupt access to the internet for users.

The research indicates that the attack might be connected to the Mirai botnet attack which took place last year and took down internet services across the United States.

"In the last few days a new botnet has been evolving. While some technical aspects lead us to suspect a possible connection to the Mirai botnet, this is an entirely new campaign rapidly spreading throughout the globe. It is too early to assess the intentions of the threat actors behind it, but it is vital to have the proper preparations and defense mechanisms in place before an attack strikes," the report further stated.

According to Wired, Reaper could be far larger in scale and impact than Mirai and the difference between the two could be that of "the difference between checking for open doors and actively picking locks." Basically, while Mirai worked by affecting vulnerable devices with default passwords to add them to the botnet, Reaper is much more aggressive and evolves by actively hacking and infiltrating devices. It basically uses the same source code, but enlarges its potential.

Reaper is expected to have already affected more than a million devices including routers made by companies such as GoAhead, D-Link, TP-Link, Avtech, Netgear, MikroTik, Linksys and Synology.

According to technology website Techspot, the impact could be such that it could "take down the internet."

"Mirai had a bandwidth exceeding 1Tbps and was able to bring down sites like GitHub, Twitter, Reddit, Netflix, and Airbnb. Reaper is far more sophisticated and has the potential to launch attacks on a scale never seen before experts warn," the publication stated in an article on Saturday.

According to the Sun, security experts are warning companies to check for infected devices and take them offline to contain the effect of the cyber attack. The same is recommended for personal devices.

It is also recommended to actively download software updates from manufacturers, which might contain a patch for the vulnerabilities.