The Internet of Things (IoT) is one of those concepts that seems to be gaining irreversible momentum in the world of technology. The basic concept - that every object in our daily lives, from refrigerators to thermostats to lights is WiFi enabled and connected to our networks - is an appealing one to many, offering up a Jetsons-like future where your home responds to your needs and commands. Developers in this space envision a future where your refrigerator can order milk from an online delivery service when it senses your stock getting low and your furnace can switch on 20 minutes before you get home to maximize efficiency and comfort.

As a security professional, however, reading this might well be sending up the brightest of red flags. From a network and cybersecurity perspective, every wireless-enabled device represents a potential access point for malicious actors - and if people struggle to keep their antivirus up to date, how many users are going to take care to update their smart toaster’s firmware?

Indeed, such networks are already being exploited. The Mirai botnet uses IoT devices to support DDoS attacks that resulted in several prominent outages last year, and by the looks of things, this trend is going to continue.

“The Mirai botnet has forced stakeholders to recognize the lack of security by design and the prevalence of vulnerabilities inherent in the foundational design of the Internet of Things devices leveraged in the attack,” conclude the Institute for Critical Infrastructure Technology in its report on the phenomenon, somewhat ominously titled Rise of the Machines. “In fact, due to a saturated pool of bot victims, script kiddies have already begun adapting the malware to new victim hosts or adopting new malware altogether. Mirai presents an interesting case study because its operation and activity inform the security community of threat actor trends in targeting, services, and capabilities.