• Register

The Mirai Botnet Proves That the Internet of Things Can Be a Major Problem for Enterprises

Fotolia 55652648 SWith the Internet of Things on the rise, threats that can exploit it are growing in scale and sophistication. In fact, the Internet has already felt the wrath of one of the largest DDoS attacks in recent history. Just last year, the DNS provider Dyn was exposed to a crippling DDoS attack which made accessing the Internet difficult for millions of people.

With the Internet of Things expected to exceed 20 million connected devices by the year 2020, now is the best time to protect your enterprise from the threats that it can bring. We’ll explain the nature of the Mirai botnet, and how you can protect your business from it in the future.

The Mirai Botnet Explained
Dyn handles the DNS routing for several large organizations that utilize Internet-based services, like Twitter and Netflix, among many others. At the time of the Dyn attack, the Mirai malware had been found on 50,000 devices, but the numbers have since inflated to a frightening 100,000 Internet of Things devices. The reason? Poor password security on devices like DVRs, cameras, and other gadgets with poor default or built-in security. Each IoT device that becomes infected by Mirai can spread it to other devices that they communicate with. Once the infected devices have amassed a big enough following, they use their numbers to launch a powerful attack against a target, repeatedly pinging a server into submission.

Long story short, Mirai turns Internet-connected devices into “zombie” bots that do the malware’s bidding, and spreads through vulnerable devices until it has an army of mindless devices that can unleash powerful DDoS attacks on a whim. These devices can then be instructed to hit servers in the same way that they went after Dyn. The resulting traffic from tens of thousands of devices is enough to bring down large networks and cause quite a bit of downtime.

The devices targeted by the malware tend to have lower security standards than other devices and don’t showcase immediate signs of infection. While desktops experience slowdowns and functionality problems, the favored devices of Mirai--webcams, modems, and routers--are meant to function with minimal user interactivity, making the signs of infection more difficult to identify. To make matters worse, the source code is available for hackers to use as they see fit. While this gives security professionals a hope to counteract the malware, this also gives hackers opportunities to develop new strains of it that bypass any progress made in the fight against Mirai.

Why Enterprises Should Be Worried
To see the true danger of the Mirai botnet, consider just how many connected devices your enterprise uses on a regular basis, as well as how many devices each of your employees will own in the next five or ten years. Consider the fact that many of these devices, if not properly secured and protected, could be vulnerable to the Mirai malware. The more vulnerable devices are connected to a network, the more vulnerable the network is as a whole, potentially exposing your organization to more than just Mirai. Plus, the last thing that your enterprise wants is to fuel the fire that could be used to burn down the Internet, so to speak. It is every enterprise’s responsibility to secure any devices on their network.

How to Protect Your Organization
When it comes to DDoS attacks from Mirai botnets, it’s better to take a preventative approach rather than react to the problems too late. Here are three ways that your enterprise can avoid Mirai-based attacks on Internet of Things devices.

  • Look at the device: Is the device that you’re purchasing known to have issues with security? If so, reevaluate why you’ve chosen the device and see if you can find one that’s not known to have vulnerabilities.
  • Optimize security settings: With any connected device, you want to avoid keeping default settings and instead optimize them to suit your organization’s needs. In most cases, this means changing the default passwords that come with devices (like your Internet router).
  • Patch device firmware when applicable: Oftentimes, vulnerabilities will be found in a device’s firmware post-release, and it’s not always feasible to update every single one of them. If you suspect that there is a problem with your device that exposes it to security threats, reach out to the manufacturer and consult a professional IT technician.

With the Internet of Things growing larger every year, it only makes sense that hackers’ efforts to undermine enterprises will increase alongside it. Is your organization prepared to handle the dangers of the Internet of Things? To find out, reach out to the professionals at IronEdge Group.

Mobile? Grab this Article

Qr Code
Contact us to discuss your technology needs.
We take the time to understand your technology needs and business goals.