machines toward a specified target (thereby overloading it and preventing it from being able
to serve legitimate requests). Botnets are also used to steal private information such as credit
card numbers and credentials for bank and email accounts.
The term thingbots is being used in the cybersecurity research industry to describe botnets
that include infected IoT devices that can also be leveraged to launch attacks and steal private
information. In 2014, a research firm discovered that over 750,000 phishing and spam mes-
sages had been sent from more than 100,000 household devices, including televisions, WiFi
routers, and fridges.
Thingbot owners are likely to leverage the capabilities of IoT devices to steal information
they may not have had access to previously, such as capturing private conversations via infec-
ted Smart TVs. They can also take advantage of the ability to control locks and lighting in
thousands of homes.
As more IoT devices start to come online, attacks spawned by thingbots are only going to
increase, and threat agents are going to have increased access to our private information as
well as the ability to cause physical disruptions in our lives. This means that addressing the
categories of IoT-related vulnerabilities discussed in this book will become even more of an
emergency as we look into our future.
The Rise of the Drones
Unmanned aerial vehicles (UAVs), known in the mainstream media as drones are aircraft
without human pilots on board. There are various types of drones, ranging from larger,
military-grade ones to drones that are used for recreational purposes such as photography.
At the Black Hat conference in Singapore in 2014, researcher Glenn Wilkinson unveiled a
proof-of-concept tool called Snoopy: a quadcopter with two attached video cameras that uses
an onboard computer, a GPS unit, and a GSM cellular unit to capture wireless network traffic
and follow targets in a defined area. In addition to WiFi, the tool also leverages Bluetooth and
radio-frequency identification (RFID) network traffic to track devices and their owners.
The Snoopy software works by tracking network probes from devices such as smart-
phones that are constantly searching for WiFi networks they have previously associated with.
The Snoopy drone then offers a WiFi network with the same name as the one being probed.
When a smartphone joins this network, Snoopy proxies the network traffic and therefore can
be used to capture data being transmitted by the phone. In addition to phones, Snoopy can
also capture data from devices such as pacemakers that use WiFi, as well as fitness devices
and smart cards.
The software can be installed on multiple drones that can be spread across a city; Snoopy
is designed to capture network data and transmit it to a remote server so the owner of the
drones can analyze data in one place. For areas where there is spotty cellular coverage, a single
drone can be deployed to hover and capture network traffic while another drone can be sent
over periodically to collect the captured data and bring it back to the attacker. The drone also
CHAPTER 8: SECURELY ENABLING OUR FUTURE—A CONVERSATION ON(^232) UPCOMING ATTACK VECTORS