In response to recent malicious botnet attacks that crippled tech giants and a French internet service provider, an engineer released a proof-of-concept of a worm that would automatically change default passwords of insecure IoT devices.
The code, released on GitHub by Leo Linsky, a software engineer at network security firm PacketSled, could be used to change devices’ default passwords to more secure passwords. The project appears to have since been removed from GitHub or moved to a private repository. Linsky’s account profile has one project saved in a private collection.
Jamison Utter, VP of field operations, Senrio told SCMedia.com that the proof-of-concept is “an interesting stopgap solution to the recent distributed denial of service (DDoS) attacks. He said an anti-virus firm could use the approach “in an opt-in manner, rather than as a worm.”
Benevolent viruses may be well-intentioned, but can be dangerous, according to Fortinet global security strategist Aamir Lakhani. They could cause harm to systems, effect stability, or lock a legitimate user out of the device. In an email to SCMedia.com, Lakhani asked, “What if a good worm turns bad?” Previous attempts by researchers to create benevolent worms “have been modified and have evolved from good intention to malicious.”
Last month, an army of Internet of Things (IoT) devices launched distributed denial of service (DDoS) attacks against Dyn DNS devices that took down Twitter, Spotify, Netflix, GitHub, Amazon and Reddit, and other tech companies last month. Separate botnets were used in DDoS attacks against the hosting provider OVH and “Krebs on Security” in September.
The long-term solution needs to be participatory, involving security vendors, manufacturers, and consumers, Utter told SCMagazine.com. “We’re locked in to the thinking of threat feeds,” he said.