Knowledge Base / News
This week it was announced that a new IoT botnet malware called Reaper was spreading quickly around the internet, infecting over one million devices in a short period of time.
What makes this botnet concerning is how sophisticated it is. Unlike the Mirai botnet which used default device passwords to spread, Reaper has the ability to crack passwords and exploit other vulnerabilities in order to infect devices.
Reaper has not begun spreading any malicious traffic as of yet, but it does have the potential to trigger DDoS attacks among the internet.
We wanted to discuss the impact of malware on IoT devices because once again, the malware in the news is reported to have infected IP cameras made by AVTech Taiwan, a company that shares part of our name but has no other relation to us. AVTECH Software, Inc. does not manufacture any IP cameras, however our Room Alert monitors do exist in the IoT space.
As we noted last year when the Mirai botnet began to make news, AVTECH takes several security precautions when it comes to securing and protecting our hardware, software, and devices.
Room Alert is firmly within the IoT sphere, as it’s designed to send alerts and notifications to users based on the environment factors it’s monitoring. Room Alert can also take automatic corrective action based on those alerts, such as turning on a water pump or fan if certain environment triggers are set up.
It’s important to note that although Room Alert is considered an IoT device, we’ve taken a good number of steps to help protect the security of our devices and our customers.
Room Alert’s firmware is purpose built, which means that it’s specifically designed for Room Alert devices. One major security flaw with some IoT devices is tied into the firmware and software the devices run, as we’ve seen with other botnets such as Mirai last year. When IoT devices run common Linux operating system versions, or commonly used utilities such as Busybox, it’s easier to find ways to manipulate those devices from the outside. Room Alert runs a very specific firmware that’s set up to only provide the functions the devices need to monitor and report – that’s it. Room Alert does not run any embedded Linux.
Our Room Alert Account platform offers our customers an easy and secure way to monitor and manage Room Alert. Users can see their devices, reports, alerts, and data directly within their Room Alert Account from any internet-connected device. Those reports and data are pushed directly to RoomAlert.com from their Room Alert monitor; your Room Alert Account does not push any data back to Room Alert monitors.
Since traffic is only one way, from Room Alert monitors on the customer’s network to RoomAlert.com, there’s no need for users to open ports on their local firewalls or modify security protections. Traffic doesn’t need to get in when customers use RoomAlert.com, and users don’t need to worry about those additional open firewall ports adding additional potential points of entry from malicious traffic.
Universal Plug and Play, commonly referred to as UPnP, is a protocol that’s widely used in internet-connected devices to make them easy to set up, and also allows them to discover other devices on their local networks to “talk to”. This protocol has been identified as a major vulnerability when it comes to outside malicious traffic, and has been recommended to be disabled in many instances.
Room Alert does not use UPnP to connect itself to other local network devices or RoomAlert.com for remote monitoring. Again, as we noted above Room Alert monitors use custom firmware and are designed to provide one-way traffic to our RoomAlert.com platform, the preferred way to monitor your Room Alert monitors. By not using UPnP, we’ve removed one major way IoT devices can be exploited by malicious users and traffic.
Room Alert users around the world should rest assured that their environment monitors are strongly protected against intrusion or infection from outside sources. AVTECH Software, Inc. has always had an eye on security when designing Room Alert monitors, Device ManageR, and RoomAlert.com. We try to be as proactive as possible when it comes to ensuring user security, and have always done so.
If you find yourself the user of any of the affected manufacturers such as Linksys, Dlink, AVTech Taiwan, and others, please take a few moments to research the security updates that may be available for your devices. Many manufacturers have already started releasing updates that address the vulnerabilities.
Thanks to the design features noted above, AVTECH’s Room Alert is not one of the IoT devices potentially affected by Reaper. This does not mean that you should neglect other devices on your network, however. Always be proactive with your security, just as you are with your environment monitoring. Protect yourselves against intrusion, hacking, and environment-caused downtime, and your organization will enjoy increased uptime and productivity.
Note: The former GoToMyDevices online monitoring and management platform was migrated into RoomAlert.com in December 2017. For more information, please see our announcement article and FAQ.
You may find Windows Command Prompt at the following path:
To run Windows Command Prompt as an administrator:
If you are using this client, you should configure the general SNMPv3 Credentials, but leave the Read / Write SNMPv3 Credentials section blank.
Current S models | Current E models |
---|---|
Room Alert 32S | Room Alert 32E |
Room Alert 12S | Room Alert 12E |
Room Alert 4E | |
Room Alert 3E | |
Current S models | Current E models |
---|---|
Room Alert 32S | Room Alert 32E |
Room Alert 12S | Room Alert 12E |
Room Alert 3S | Room Alert 4E |
Room Alert 3E | |
Room Alert 3W |