October 19, 2016
Internet of Things (IoT) is the target of “Mirai”, a botnet to launch cyberattack. Your IoT may be the next target probably!
There was a severe cyberattack as the result of “Mirai” in USA on 21 October 2016.
Popular websites we surf every day, namely Facebook, PayPal, Twitter, Reddit, GitHub, Amazon, Netflix, Spotify, to name but a few, were not reached because of the widespread internet shutdown on 21 October 2016. This was caused by a malware dubbed “Mirai” using vulnerabilities embedded in IoT to launch Distributed Denial of Service (DDoS) attack to “Domain Name System (DNS) servers.
According to “The Guardian”, experts were quoted as saying that “it is the largest of its kind in history.”1 In addition, “USA Today” quoted “Gartner” as saying that “there are estimated 6.4 billion internet connected devices in use worldwide today.”2 Approximately, there were nearly 21 million IoT devices infected in USA in this case.
“Mirai” massively infected IoT devices with the default or the simple combination of login and password such as “password”, “admin”, “1234”. A large number of infected IoT devices become a host to generate the overwhelming traffic to slow down the internet speed and make websites offline.
Being infected with “Mirai” is not as difficult as you expected and it is the root cause of “Mirai” attack leading to the outrageous internet outage. The “Mirai” source code was publicly released. Simply download the code and click “Yes” to execute the program like installing our downloaded ordinary softwares. Your vulnerable IoT devices are seeded with malicious software which made IoT devices to be infected, or said turning to be a botnet. This botnet can infect other IoT devices at the low-security level and so forth.
The Mirai infection leading to this internet outage definitely put our spotlight on cybersecurity.
Precaution
As said, the weakly secured IoT devices gets a higher chance to be the target of “Mirai”. So, in theory, it is avoidable for our IoT devices to prevent from being hijacked by “Mirai”. But in practice, it is very difficult to do so mainly because of the user’s weak knowledge in cybersecurity and awareness of boosting the security performance of IoT devices. An easy and user-friendly safety measure is the frequent alternation of your complex combination of login and password. It is also a considerable precautionary practice that we employ a reliable online tool to regularly scan your IoT devices to search for and get rid of any possible vulnerability.
