Have you heard of the HEH botnet?

Security researchers at Netlab have recently reported on their discovery of a terrifying new botnet on the web.

Dubbed HEH, this botnet is a different sort of threat. Unlike most others, this one is not designed to launch DDOS attacks or install malicious code. Its purpose is much simpler.

It only does two things

First, it performs brute force attacks to capture IoT devices, adding them to its collective. Second, it executes a shortlist of predefined shell commands designed to wipe out all of a target device's partitions. It is both simple and potentially devastating. This is particularly bad for the manufacturing industry, in that it has most of the poorly defended IoT technology within its production lines.

Was it designed this way or just poorly designed?

The existence of the HEH botnet in its current form is something of a head-scratcher for the researchers who found it. At this point, they're not sure if the botnet is functioning as it was intended, or if it was simply badly programmed and was originally designed to do something else. Whether HEH is the way it is by design or the accidental creation of a group of as yet unidentified hackers who don't know code very well, the bottom line is that HEH is a legitimate threat and something to keep a watchful eye on.

Most hackers do what they do because there's money in it. They can break into a target network and either steal and/or encrypt files and then demand payment to fix the problem they created. HEH isn't like that at all. The only thing it can be used for is destruction, and if it hits your network, it will wipe out everything.

Our perspective

Worse, the botnet is growing at a rapid clip because so many IoT devices have little to no protection against even rudimentary attacks. So, more and more devices are getting added to the collective on a daily basis. This one definitely bears watching.

~ As Hill Street Blues' Sgt. Esterhaus always advised: "Hey, let's be careful out there! " ~

 

By Denis Wilson and Melissa Stockwell

Thanks for reading this short post. For more tips on thriving with small business technology, check out the other blog posts at DWPIA Blogs. You can also find me on LinkedIn, Facebook, and Twitter.

Cybersecurity Expert, Small Business Technology Consultant, Managed Services Provider, Managed IT SupportI'm Denis Wilson, President and Principal Consultant for DWP Information Architects. We build people/process/technology solutions to create better business outcomes for smaller enterprises in Los Angeles. We have created cost-effective office productivity and out-sourced service solutions for over 20 years, focusing principally on manufacturing, professional services, and healthcare.  Our hallmarks are cloud and on-premises network reliability, cost-effective cybersecurity, and livable small business regulatory compliance.

I am also a published author and speaker, working extensively with business and professional associations to provide small business technology education programs. Contact me if you would like me to speak at your association