IID Predicts Massive Botnet Takeover of IoT Devices by 2017

Cybersecurity firm also anticipates a spate of domain failures, leading to demise of websites relying on them

TACOMA, Wash. — December 1, 2015 – IID, the source for clear cyberthreat intelligence, today announced its predictions for 2017 and beyond. After analyzing billions of pieces of cyberthreat data, IID anticipates Internet of Things (IoT) devices will increasingly become part of large-scale botnets, websites utilizing many of the new generic top-level domains (gTLDs) will go dark and China-based cybercrime will undergo a marked shift.

IID isn’t interested in making safe, short-range prognostications whose outcomes are already inevitable. That’s why its latest forecast looks at least two years ahead, much like IID’s predictions did in previous years.

Botnets Invade IoT

IID predicts that by the end of 2017, botnet operators seeking new frontiers will execute a full-scale invasion of compromised Internet of Things (IoT) devices such as wearables and connected home products. A botnet is a collective of private computers, infected with malware, that are controlled by cybercriminals to launch mass attacks, unbeknownst to their owners.

These “zombified” IoT devices, upon being hijacked by cybercriminals into their botnet army via malware, will be used for a variety of nefarious purposes, including:

  • Executing network-based attacks, such as Distributed Denial of Service attacks, against large companies by commanding these IoT bots to overwhelm systems with fake traffic.
  • Deceitfully or forcefully redirecting users to commercial content in order to generate revenue, in what is essentially a form of marketing or affiliate fraud (e.g. pay-per-click fraud).
  • Spying on users for the purpose of extortion or political influence.

“The increasingly advanced technical capabilities of IoT devices such as autonomous consumer-grade drones and smart appliances will not be able to keep pace with security and privacy requirements. This will drive large-scale compromises of IoT devices,” said IID Vice President of Threat Intelligence Sean Tierney. “As these devices are used to attack other networks or for retaliatory attacks, it will eventually lead to the ‘Battle of the Botnet’ for domination of IoT.”

gTLD Websites Go Dark

When the Internet Corporation for Assigned Names and Numbers (ICANN), which oversees the Domain Name System, began the process to issue hundreds of new gTLDs in 2013, the possibilities seemed limitless. Today, gTLDs run the gamut from “.apartments” to “.dentist” to “.porn” and so on. But looking ahead, many of these TLDs, as well as websites and other services that rely on them, could be short-lived because their adoption has been much smaller than anticipated.

IID anticipates that by 2017 the lack of gTLD popularity will cause an unprecedented series of domain registry failures, in the form of bankruptcies and abandonment. “Most new gTLDs have failed to take off and many have already been riddled with so many fraudulent and junk registrations that they are being blocked wholesale,” said IID President and CTO Rod Rasmussen. “This will eventually cause ripple effects on the entire domain registration ecosystem, including consolidation and mass consumer confusion as unprofitable TLDs are dropped by their sponsoring registries.”

Should a gTLD go down, it would take any resident websites, email or other services with it, forcing their owners to scramble for new virtual real estate. There is a process in place to continue support of struggling registry operations until a larger registry or organization buys them in auction and rescues them. However, questions abound as to who would risk an investment in poorly performing TLDs, especially as they start to number in the hundreds. “That’s why eventually some are going to just plain go dark,” added Rasmussen.

The writing is already on the wall. For instance, in its original Fiscal Year 2015 budget draft, ICANN predicted 33 million new gTLD domain name registrations—a number it later revised to just 15 million. According to ntldstats.com, the final tally for FY2015, which ended June 30, 2015, was only 4.9 million registrations.

Chinese Cybercrime Reshapes Geopolitics

IID also predicts that if the downturn in the Chinese economy continues, this could drive exponential growth of organized cybercriminal enterprises within the country. IID expects that by 2017 these “persistent criminal enterprises” will rival and ultimately surpass Eastern European organized cybercrime in scope, size and complexity.

Moreover, IID predicts that the Russian Chinese Cyber Alliance will dissolve by 2019, after these same Chinese cybercriminal organizations start aggressively targeting Eastern European citizens, companies and even rival cybercrime organizations—funneling their stolen money into China. Such a development would undermine Russia’s original strategy behind the pact, which was to form stronger ties with the Eastern powers in response to strained relations with the U.S.

However, IID predicts yet another tidal change by 2020, as China becomes a leading proponent of Internet security in response to its own citizens and banks being increasingly victimized by cyberattacks that threaten the Chinese economy.

About IID

IID is a cybersecurity company. Its flagship product, ActiveTrust, adds clarity to cyberthreat intelligence by distilling threat data from thousands of trusted sources, and fusing it into actionable intelligence delivered to security professionals and automated infrastructure. Fortune 500 companies and U.S. government agencies leverage IID to detect and mitigate threats, making ActiveTrust one of the world’s largest commercial cyberthreat data exchanges. For more go to internetidentity.com.