Do you remember a few months ago when a bunch of major websites went down to a DDoS attack? It was done with a botnet called Mirai, and it’s still around.
Mirai is a kind of malware that finds and co-opts devices to use as its programmer desires. This group of devices is called a botnet. Mirai used IoT (Internet of Things) devices, turning web-enabled appliances and devices into junk traffic aimed at overloading websites.
While Mirai’s coming out party was against Dyn, which is the foundation for American internet, it hasn’t been resting since then. Mirai recently attacked a German bank, causing a service interruption for nearly a million customers. It infected over 2,000 routers in the United Kingdom for use in its DDoS army. It was also recently discovered that many models of Sony cameras are susceptible to Mirai too.
There are two primary contributors to Mirai being so busy. The first is the number of devices under its control, which includes tons of modems, routers, webcams and DVR systems. The second is that it is open source, meaning programmers have free access to the code so they can tweak it as they like, leading to multiple variations of the malware.
What can you do to make sure your IoT devices don’t join Mirai’s botnet army? Many of your internet-connected devices come with preset passwords from the manufacturer. The best, smartest and easiest thing to do is to simply change the password. Outside of that, many people don’t use all the features of their smart devices, so if you’re not using it, cut off its access.
Keep in mind that we’re in the early days of the IoT. Malware like Mirai is bound to get worse before it gets better, but as awareness grows, so will protection and prevention.