A Future Ruled by the "Botnet of Things"?

In October 2016, botnets (an interconnected group of electronic devices under the control of a botmaster, or botherder, who can then use the bot army to steal information or carry out scams on a massive scale) made headlines as the instrument behind a distributed denial of service (DDoS) attack against domain name system (DNS) provider Dyn that took dozens of websites, including Amazon, Netflix, Spotify, Twitter, and even the Swedish government, offline for hours. In response to a Request for Comment from the National Telecommunications and Information Administration (NTIA), OTI offered seven recommendations for addressing the threats posed by botnets:

1. Use bug bounty programs to reduce vulnerabilities in IoT products
2. Design devices such that they can be patched and updated
3. Ship items with unique, random credentials, and let users customize login information
4. Establish clear support windows and end-of-life procedures
5. Let users know which security features are available to them on a device—and which are not
6. Connect consciously
7. Support the products that implement best practices