An unpleasant new strain of malware capable of destroying unprotected devices linked to the Internet of Things is now in circulation.
Cyber security firm Radware has identified that the malware, known as BrickerBot.1 and BrickerBot.2, forces its way into IoT systems through configuration errors in the firmware, meaning a simple change of password won’t afford much protection. It then performs a series of Linux commands aimed at corrupting the device’s flash storage and disrupts settings in the kernel at the heart of the operating system – damaging the device’s internet connectivity and wiping all files. Due to its destructive nature, Radware views this as a Permanent Denial of Service (PDoS) attack.
Unlike most hacks, it appears that this is pure vandalism; as the attacker gains no material or strategic benefit from the attack. It does, however, once again highlight the inherent fragility of IoT devices – and its destructive and arbitrary nature could herald far worse things to come.