Control of the army of connected and infected devices that slowed the internet to a crawl two weeks ago is up for bids. reports that DarkNet vendors on sites like Alpha Bay are selling access to thousands of compromised devices

- like webcams, smart TVs, and office printers - which could be deployed for new attacks. And the price is affordable for nearly anyone with 50,000 bots going for $4,600 and 100,000 bots for $7,500.

How A Botnet Army Attack Is Executed


How much damage can be done? Consider how much firepower attackers unleashed by using internet of things (IoT) connected devices on Dyn, the New Hampshire company that translates IP addresses into direct domain names.  By taking control of 100,000 “malicious endpoints” the attackers using the botnet army fired 1.2 terabytes on Dyn, the largest DDoS attack ever measured. The web sites of Twitter, CNN, Amazon and many other of the world’s most visited websites were paralyzed.

And the attack could have even been worse as researchers estimated that attackers have more than 500,000 Mirai-infected devices at their command. Looking at the numbers, they only used 20% during last month’s high-profile attack.

The Insecure Internet of Things  10 Stats from ISACA 2015 IT Risk/Reward Barometer. Read Now What happens if they double the number of devices? Or triple?  Or quadruple? The attack last month was just really a big nuisance.  But, what if the army ups its game and is used to steal corporate or personal information?  Or even attack a nation state?

In other words, what happened in October is just a glimpse of what the IoET botnet army can do. The time to defend your connected devices, and the devices entering your office, is now. At Pwnie, we believe that you can’t defend the unknown. We focus on helping our customers map and identify all the connected devices within your office (both company and employee owned) as well as those within range -- whether they are across the hall or at the Starbuck’s across the street.

The only way to prevent bad actors from enlisting your coffee maker, printer or your employees’ iPhones in the botnet army is to see the “troops” coming.

pwnie-express-pulse.jpgThis is what your office looks like when you use Pwnie Express products. We can find the backdoors threat actors are coming through.

2016 Internet of Evil Things (IoET)  “The Internet of Evil Things (IoET) Report 2016