Cybersecurity Lessons from the Brickerbot Outbreak

May 20, 2017
1732 Views

The Brickerbot virus took the world by storm last week. It was one of the most devastating forms of malware to date.

There are many unique things about the Brickerbot virus. The thing that stood out the most is that Brickerbot specifically targeted Internet of Things (IoT) devices.

According to the author of Brickerbot, his malware affected over two million devices around the world. Here are some important lessons that both cybersecurity professionals and laypeople can learn from this new outbreak.

IoT Devices Aren’t Immune from Cyberattacks

Most people are very cautious about downloading unknown documents or clicking links from suspicious sources in their emails. However, few people pay any attention to the security of their IoT devices.

Most people can’t even consider the possibility that their Alexa, smart locks or other IoT devices could be hacked. However, all of these devices are connected to the Internet, so they are clearly vulnerable to malicious hackers, such as the author of Brickerbot.

Malware Can Permanently Destroy Devices it Infects

Cybercriminals have a number of motives for developing malware. These motives can range from extortion, embarrassing enemies, stealing financial information and shutting down business competitors.

Since these are the most common motives, malware rarely causes significant damage to a device. However, some hackers like the Brickerbot author have more extreme motives. They actually  develop malware to physically destroy devices. According to a report from TechCrunch, many of the devices infected by the Brickerbot were permanently disabled.

“BrickerBot finds these devices and renders them unusable. The first version attacked about a thousand devices and alternate versions attacked thousands more. It disabled the devices by formatting the internal memory.”

Unsecured Devices Attract Hackers

The Brickerbot author had a unique agenda. According to his online confession, he is a vigilante that developed malware to disable insecure devices to keep them from infecting other parts of the Internet.

“I hope that regulatory bodies will do more to penalize careless manufacturers since market forces can’t fix this problem. The reality of the market is that technically unskilled consumers will get the cheapest whitelabel DVR they can find at their local store, then they’ll ask their nephew to plug it into the Internet, and a few minutes later it’ll be full of malware. At least with ‘BrickerBot’ there was some brief hope that such dangerous devices could become the merchant’s and manufacturer’s problem rather than our problem.”

His malware deliberately sought out insecure devices to remove them from the Internet. Most other hackers target insecure devices for a simpler and less noble reason – they are easier targets.

Regardless of the motive, it’s clear that insecure devices attract hackers like blood draws sharks. People that don’t keep their devices secure are more vulnerable on multiple fronts.

What Can You to Protect Yourself Against Future Cyberattacks?

One thing is clear – cybercriminals aren’t pulling the brakes on their attacks anytime soon. The Brickerbot attack was one of the most destructive in memory.

Since cyberattacks are occurring at a greater frequency, it is important for people to take all necessary precautions to keep all of their devices safe, including their IoT devices. These precautions include using VPN services at VPNAnalysis.com to encrypt their data. It is important to read a guide before using a VPN, because you may not be protecting your data if it isn’t set up properly.

It is also important to set strong passwords and two-token authentication settings to minimize the risk of exploitation.

Finally, if your device is attacked, you may need to take urgent steps to reverse the damage. Cybersecurity experts told victims of the Brickerbot attack that they may need to reset their factory settings to undo the damage. Otherwise, their device may be rendered permanently useless.

While the increased prevalence of cyberattacks is worrisome, there are always ways for people to guard themselves against it.