Ixia’s Application Threat Intelligence (ATI) Research Center is tracking a new IoT botnet known as “Reaper”. Last year, an IoT botnet known as “Mirai” created havoc for enterprise cyber business through DDoS attacks utilizing bots made up of IoT devices.
Ixia identified a dramatic increase in Reaper activity during the first week of October. This botnet attempts to compromise IoT devices, raising concern that a new wave of DDoS or other attacks could follow.
What is Reaper?
This new botnet is attacking IoT devices, especially routers, using publicly disclosed vulnerabilities which have not yet been patched on these devices.
Ixia Customers Have Protection
Ixia has applied the Reaper’s IoT router compromises to its ATI service for the company’s BreakingPoint and ThreatARMOR solutions:
- Ixia’s BreakingPoint customers can utilize this material to validate their deployed security control’s effectiveness at defending against the Reaper botnet’s methods of compromise and Command and Control communication.
- Ixia’s ThreatARMOR customers will be able to actively block known compromised IoT devices from reaching their network infrastructure using the Threat Intelligence collected.
“Ixia suggests that any IoT device with public Internet facing connectivity be patched with the latest updates and be closely monitored,” stated Steve McGregory, Senior Director of Application Threat Intelligence at Ixia. “Network visibility is the ability to know what is in your network and what it is doing, and it is a key tenet to being prepared to defend and proactively mitigate weaknesses in your network.”
