Remember last October, when the Mirai botnet used an army of vulnerable IoT devices to take down big chunks of the internet? Channel Partners’ sister site, IoTi, reports that Checkpoint researchers have identified a similar but potentially even more damaging botnet called IoTroop, or Reaper. For now, Reaper is inactive, but security researcher Brian Krebs says 1 million devices from suppliers including D-Link, Netgear and Linksys may already be infected. Ipswitch’s Greg Mooney has some advice in his blog, including: Patch all your – and customers’ – IoT devices and routers. It appears that simply changing the password on devices such as IP cameras will defeat the bot, says Mooney.
Ultimately, however, as my colleague Brian Buntz reports, a worrisome aspect of Reaper is that it suggests that the state of IoT security has barely budged since a year ago, when Mirai struck. For a deep dive on why IoT firmware is such an intractable security problem and how partners can help defeat botnets while building profitable businesses, check out our free report.
Mobility Mystification: A survey released this week by EMM provider MOBI suggests that your customers’ mobile-device security strategies aren’t in much better shape than their IoT networks. The study, Enterprise Mobility in 2017 and What Comes Next,” shows that nearly 25 percent of companies surveyed plan to eliminate desk phones soon — 15 percent expect to cut the cord in the next 12 months. However, even as they aim to depend more on smartphones, upwards of 40 percent admit that mobile security is “average at best” within their organizations, with many saying employees wouldn’t know what to do if they lost a device. And, data spending is out of control, with most decision-makers – 61 percent – saying that at least half of each mobile employee’s monthly wireless carrier bill is spent on overage charges.
Tell us again how expensive desk phones are …
“Even being able to identify mobile devices that are connected to an enterprise is difficult for many organizations,” said Chris Koeneman, SVP at MOBI. “We’re seeing a disparity in where companies want their mobility programs to be and where they currently are.” Sounds like a job for the telecom channel.
Bad-URL Bingo: Channel-focused email security provider Proofpoint reports on a huge spike in the number of phishing emails attempting to deliver their malicious payloads via URLs as opposed to attachments — we’re talking a 600 percent jump in Q3 over Q217, and a more than 2,200 percent increase from Q316. Ransomware and banking Trojans are the most common drivers for the attempts, according to the new 2017 Q3 Threat Report. This suggests that efforts to educate users to take care when opening attachments have paid off, so attackers are pivoting their methods.
Proofpoint, which analyzes more than 1 billion email messages, hundreds of millions of social-media posts and more than 150 million malware samples every day, has also seen lookalike domains used for a range of attacks and fraud attempts. Partners that offer online support should note, in particular, growth in the number of fake customer-support accounts: These grew 5 percent from Q2 and have doubled year over year. Among suggestions from Proofpoint are to be on the lookout for lookalike social media accounts attempting to fool customers and to practice “defensive domain registration” by defining a list of potential look-alike domains, then registering them or at least …