The VPNFilter attack is quite sophisticated. The hackers might use a domain name generation algorithm (DGA) for the first phase of the attack. When a DGA is combined with persistence on routers and other devices, rebooting them does not appear to help mitigate communication with the C&C server. Even if the FBI successfully took down the original C&C server responsible for distributing the plug-ins and communicating with the infected devices, the devices can still use the DGA to randomly generate a new host that can assert botnet control. This is the first botnet that we can say achieves persistence and is resilient to C&C server loss.
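Because a device falling back to a DGA tries many generated names before one resolves, the fallback tends to show up in resolver logs as a burst of failed lookups for random-looking names. The sketch below is an added example, not code from VPNFilter or any vendor tool. The log format, sample lines, and thresholds are constructed assumptions.

```python
import math
from collections import Counter

# Constructed resolver log, one query per line: "<client_ip> <qname> <rcode>".
SAMPLE_LOG = """\
192.0.2.10 www.example.com NOERROR
192.0.2.10 updates.example.net NOERROR
192.0.2.10 exmaple.com NXDOMAIN
192.0.2.77 xkqzvhwpjrtd.example NXDOMAIN
192.0.2.77 bm4tq9zr1wcy.example NXDOMAIN
192.0.2.77 hv7plx2dkq8n.example NXDOMAIN
192.0.2.77 jz3wfy6gtr0c.example NXDOMAIN
192.0.2.77 www.example.com NOERROR
"""


def entropy(label):
    """Shannon entropy of a DNS label, in bits per character."""
    n = len(label)
    return sum(c / n * math.log2(n / c) for c in Counter(label).values())


def suspicious_clients(log_text, min_entropy=3.0, min_len=8, min_hits=3):
    """Return {client_ip: count} for clients with repeated failed lookups
    of random-looking names (thresholds are illustrative assumptions)."""
    hits = Counter()
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 3:
            continue  # skip malformed lines
        client, qname, rcode = fields
        if rcode != "NXDOMAIN":
            continue  # only failed resolutions count toward the burst
        labels = qname.rstrip(".").lower().split(".")
        # Simplification: score the longest label left of the TLD.
        candidate = max(labels[:-1] or labels, key=len)
        if len(candidate) >= min_len and entropy(candidate) >= min_entropy:
            hits[client] += 1
    # A single typo produces one miss; a DGA fallback produces many.
    return {ip: n for ip, n in hits.items() if n >= min_hits}


if __name__ == "__main__":
    for ip, n in suspicious_clients(SAMPLE_LOG).items():
        print(f"{ip}: {n} failed lookups of random-looking names")
```

A router or other embedded device that keeps appearing in this output after a reboot is a candidate for a factory reset and firmware update, since the page notes that rebooting alone does not break C&C communication.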
The global community of IoT manufacturers and commercial customers has had several serious wake-up calls pertaining to system security and cyberattacks. The first significant IoT cyberattack was against an Iranian nuclear facility, in which malware was used to disrupt and impair the centrifuges in the plant, causing physical damage that shut the plant down.
The Internet of Things is at the core of every enterprise in the digital disruption taking place in industry today. This is clearly shown in Industry 4.0 where IoT plays a crucial role in orchestrating the coordination efforts among people, devices, machines, systems, and entire production lines. From manufacturing and utilities to critical infrastructure and healthcare, IoT plays a critical role in predictive maintenance, resource monitoring and procurement, and operational improvements.