The Terrifying Internet of Things: Will the “Reaper” Botnet Bring Down the Web?


What would happen if a virus took hold of so many Internet of Things (IoT) devices that it had the power to potentially launch an attack against the entire web? Well, this appears to be just the question the world is facing, as the massive Reaper virus gains hold.

The numbers are shocking: since it was first spotted by researchers three weeks ago, Reaper  virus has infected over a million devicesCheckPoint has revealed that a staggering 60% of the global networks it monitors have been compromised. If those numbers continue to grow, we could be looking at a massive breach.

And let’s face it, that growth seems more than likely, because of the way in which Reaper works to infect devices. It’s called a botnet for a reason: it detects weaknesses in IoT devices—particularly Wifi routers and webcams—and injects malware into them which can then spread to other internet-connected devices. Essentially, the Reaper virus is a web hack growing exponentially—day by day, device by device.

But perhaps the scariest part is the question we still can’t answer: what does the hacker plan on actually doing with the infected devices, and when will he do it? Once part of the botnet, the gadgets essentially belong to the hacker, giving him the power to harness their collective bandwidth as he pleases. The running theory, according to Wired and others, is that he will use the devices to overload servers with traffic and launch a Distributed Denial of Service (DDoS) attack. When the botnet Mirai did something similar in 2016, it pulled several providers off the web entirely, including The New York Times, Reddit, and Spotify. The Reaper virus is proving to be much larger and more powerful than Mirai, begging the question: when the hacker finally decides to release his droids into the cybersphere, what might happen?

The possibilities are frightening. Massive portions of the internet crashing is, in reality, one of the best-case scenarios. With control over a million devices across countless servers, a deranged hacker could do a lot worse with the Reaper virus than to create merely inconvenient web outages. Suddenly, device security is brought into much sharper focus: we’re not just looking at breached personal information or even the occasional stolen identity. We’re looking at a rapidly growing army of “zombie slave devices” capable of, well, almost anything. Talk about an AI nightmare.

Given this situation, what can we do about it? Thankfully, there are a few practical measures we can take to help stop the spread of the botnet, if not to restore already hacked devices. Security experts recommend resetting factory settings—including passwords—on all IoT devices, especially routers and webcams. Additionally, consumers need to make sure that they’re applying security patches as soon as those patches are released. These measures will leave individual devices less susceptible to getting hacked.

But, in the long run, it will take more. At the risk of beating a dead horse, security awareness—from simple avoidance of social engineering scams and credit card data breaches to learning how to protect physical devices that could, quite literally, be turned against us—is a continual and holistic process. A few knowledgeable individuals resetting network default passwords on their routers will never be effective against a Botnet if the other 6.9 billion people on the planet are not taking similar measures. Additionally, if the big players—the organizations that create the routers and patch the weaknesses in the first place—are not willing to take on the responsibility that comes with their position in the industry, we really won’t stand a chance. Reaper has found an easy target in a weak Human FirewallTM.

But that doesn’t mean there’s not cause for hope. As each breach occurs, I think we open our eyes a little bit more to reality. Maybe a massive botnet taking our devices hostage is what it takes for us to actually wake up and see the writing on the wall. And while the efforts of a few individuals or a few companies won’t be enough to prevent the attacks altogether, they are a step in the right direction. Educating employees in network security and other cyber best practices may feel like too little, too late, but this could not be farther from the truth.  We are rebuilding a razed Human Firewall brick-by-brick, showing peers and competitors alike how it’s done. And eventually, finding a worthy opponent, Reaper will take his scythe and go home. But there’s only one way to get to that point…

What Can You Do?

If you are concerned about your employees’ personal cyber security habits at work and at home and the impact they can have on your company, here are a few resources that may help.

  1. Watch the recorded webinar, Developing Security-Minded Employees for Defense Beyond Organizational Boundaries. It is a great resource for practical steps for creating digital habits and maturing your security culture and tailoring it to your organization.
  2. Request a free copy of the Gartner Research Note, How to Secure the Human Link.
  3. Check out Leading a Secure Organization, a new course from GLS. It includes modules on Data and Devices, Organizational Cyber Risks, and The Human Firewall.
GLS Logo

Enjoying our cybersecurity blogs?

Try out our weekly security awareness tips, sent directly
to your inbox.
GLS Logo

Your download is complete!

Need more training?