It has been revealed that the Hide and Seek Botnet has resurfaced, bringing with it stronger defences to help it remain on infected devices. Security researchers found that it can now survive device reboots, which would normally remove IoT malware. IT security experts commented below.
Martin Jartelius, CSO at Outpost24:
IoT devices on corporate networks is an increasing risk, as more and more devices are exposed and exploited. However, there is very little excuse for keeping IoT devices connected to a network via the internet or from client networks. In an age when cybercrime is rife, companies should always take responsibility for their assets, review inventory and take action on exposed services when discovered. It is way cheaper to do the work upfront than having to implement damage control after the intrusion has happened.
Javvad Malik, Security Advocate at AlienVault:
Beyond that, threat detection controls should be deployed on the network that can monitor network traffic of IoT devices and alert when a device is communicating out of normal boundaries either using uncommon ports or communicating with unknown servers.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.