Although the goal of IPStorm remains unknown, there are steps that can be taken to prevent its spread. Organizations should enforce at least the same password complexity requirements for SSH-enabled machines as they work for regular workstations. Using generated SSH keys in place of passwords is even better. When possible, multi-factor authentication should be enabled as well. In many SSH installations, logging in as the root user is disabled. Instead of enabling remote root logins, assign necessary group permissions to administrators. Rather than exposing SSH servers directly to the internet, consider placing them behind VPN access to prevent scanning and brute-force attacks. If your organization uses any Android IoT devices, do not enable ADB over the network. This feature is generally off by default.

Sources: https://www.zdnet.com/article/ipstorm-botnet-expands-from-windows-to-android-mac-and-linux/

https://labs.bitdefender.com/2020/06/ssh-targeting-golang-bots-becoming-the-new-norm/

https://blog.barracuda.com/2020/10/01/threat-spotlight-new-interplanetary-storm-variant-iot/