The_Janit0r_Malware


Some see him as a person who deliberately took the law into his own hands to prove his point; others see him as a responsible technologist. The man, who calls himself a conditioner of 'terminally ill' devices, is also perceived as a person who understands the IoT (Internet of Things) and the major issues that persistently revolve around badly configured or vulnerable devices.

Dr. Cyborkian a.k.a. janit0r claims to have run a project named “Internet Chemotherapy”, which resulted in sabotaging about 10 million vulnerable devices before they could get infected by the Mirai Botnet. The Mirai Botnet has been one of the most destructive pieces of malware: it takes control of unprotected consumer devices connected to the internet, such as home routers and IP cameras. After taking full control of the infected devices, the malware turns them into remotely controlled ‘bots’ and integrates them into the botnet to carry out large-scale network attacks popularly known as DDoS attacks.

BrickerBot Malware Used to Sabotage IoT Devices

The author of project ‘Internet Chemotherapy’ was able to run such a huge operation with the help of the BrickerBot Malware. This strain of malware was purposely created and deployed to disable poorly protected IoT devices on a biblical scale.

In a post that has been widely circulated, the author of BrickerBot confirmed that his attempts to expose loopholes in IoT devices (largely home routers and IP cameras) included sabotaging approximately 10 million devices.

[Image: a glimpse of the payload shared by the author of the BrickerBot malware]

The activities of BrickerBot were first detected by a team of researchers at an information security company in April 2017. At the time, the researchers labeled BrickerBot a lethal piece of malware built to disable the hardware of the infected device, leaving the device dysfunctional.

Dr. Cyborkian a.k.a. janit0r did confess in an anonymous post that it was a rather difficult step to sabotage other people’s equipment just to prove his point. But he then goes on to say that the colossally dangerous CVE-2016-10372 situation ultimately left him with no other choice but to confront head-on the threats posed by the Mirai Botnet.

The Exploited Vulnerabilities Left the ISPs Helpless?

The Janit0r has raised concerns about how ISPs dealt with the attacks on their router devices and the hopelessness they showed while mitigating the vulnerabilities that were exploited. The turnaround time to come up with a solution stretched to weeks, if not months, and even then they were not able to patch the issues.

This further exposed their sluggish reactions and their ineffective solutions to the problem they were facing at the time. The ISPs categorically highlighted in the online post and termed incompetent for their slow and ineffective response to the attacks include BSNL, Telkom ZA, PLDT and PT Telkom.

The most important message relayed here is that the attacks carried out through his actions must not be seen as a criminal conspiracy but must be considered a wake-up call.

Warning Issued by the Janit0r in the Online Post

YOU SHOULD WAKE UP TO THE FACT THAT THE INTERNET IS ONLY ONE OR TWO SERIOUS IOT EXPLOITS AWAY FROM BEING SEVERELY DISRUPTED.

Precautions Recommended by ‘The Janit0r’ to Strengthen IoT Security

  • Conduct a thorough review of the security provided by ISPs with the help of services such as Shodan, looking for exposed ports such as tr069, httpd, http, telnet, and ssh.
  • Perform a decent background check of the vendor’s security track record, and check whether the product they offer will receive timely security updates.
  • Be vigilant and press hard for effective security-related regulations and legislation by raising security concerns with government officials and politicians.
  • Consider volunteering your time or other resources to underappreciated whitehat organizations such as GDI Foundation or Shadowserver Foundation.
  • Keep careless ISPs on their toes: those who can afford to do so should initiate legal action.
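
An added example, not from the Janit0r's post or this article: one way to act on the first precaution for address space you are responsible for, by triaging exported scan-index records for the services named in the list. The record field names, the port-to-service mapping (conventional default ports) and the severity weights are assumptions, and the sample rows are constructed.

```python
import ipaddress
from collections import defaultdict

# Assumption: conventional default ports for the services the list names,
# with illustrative severity weights (management planes rank highest).
RISKY_PORTS = {
    23: ("telnet", 3),
    7547: ("tr069", 3),
    22: ("ssh", 2),
    80: ("http/httpd", 1),
}

# Constructed sample rows (documentation address ranges), shaped like records
# exported from an internet-wide scan index; field names are assumptions.
SAMPLE_RECORDS = [
    {"ip": "198.51.100.10", "port": 23},
    {"ip": "198.51.100.10", "port": 7547},
    {"ip": "198.51.100.22", "port": 443},
    {"ip": "198.51.100.31", "port": 22},
    {"ip": "198.51.100.31", "port": 80},
    {"ip": "203.0.113.5", "port": 23},   # outside the audited block
    {"ip": "not-an-ip", "port": 23},     # malformed row
]

def audit_exposure(records, owned_cidrs):
    """Return [(ip, score, [services])] for in-scope hosts, worst first."""
    nets = [ipaddress.ip_network(c) for c in owned_cidrs]
    hosts = defaultdict(set)
    for rec in records:
        try:
            addr = ipaddress.ip_address(rec["ip"])
            port = int(rec["port"])
        except (KeyError, ValueError, TypeError):
            continue  # skip malformed rows instead of aborting the audit
        if port in RISKY_PORTS and any(addr in n for n in nets):
            hosts[str(addr)].add(port)
    findings = []
    for ip, ports in hosts.items():
        services = sorted(RISKY_PORTS[p][0] for p in ports)
        score = sum(RISKY_PORTS[p][1] for p in ports)
        findings.append((ip, score, services))
    # Highest score first; ties broken by address for stable output.
    return sorted(findings, key=lambda f: (-f[1], ipaddress.ip_address(f[0])))

if __name__ == "__main__":
    for ip, score, services in audit_exposure(SAMPLE_RECORDS, ["198.51.100.0/24"]):
        print(f"{ip}\tscore={score}\t{', '.join(services)}")
```
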



Date Published: December 18, 2017