The new release of Mirai malware source code unleashed a wave of IoT-based bots on the internet at large, giving motivated fraudsters the tools they need to ramp up attack speeds and deliver huge distributed denial-of-service (DDoS) throughput.

InfoWorld described it as a “plague,” and it may be right, since IoT security already struggles to keep pace with cybercriminals’ sophistication and speed. Is it possible to insulate corporate networks against this new wave of IoT insecurity?

Botnet Backlash

As noted by Infosecurity Magazine, Mirai is designed to leverage IoT by scanning the web for devices protected by factory-default passwords or hard-coded credentials, making them easy to compromise and infect. Once under the control of malicious actors, these devices are turned into a kind of massive botnet that can spam-DDoS websites and quickly shut them down.

The Krebs on Security site, for example, was recently targeted by a DDoS attack using the Mirai malware reaching 620 Gbps. Ars Technica also reported a 1 Tbps attack on French web host OVH.

In both cases, this traffic is orders of magnitude greater than what is required to knock out a website. It was made possible by a combination of the sheer number of IoT devices now connected to the internet and the lackluster security associated with most of these products.

That’s with Mirai still under the control of just a few attackers. Its source code was released last Friday, according to Infosecurity Magazine, after cybercriminals noticed the number of botnets they could pull was steadily dropping thanks to ISPs “cleaning up their act.” With Mirai now available to the public, however, the sheer number of attempts may undo much of the progress made in the wake of the Krebs and OVH attacks.

When Cameras and Printers Attack

According Ars Technica, IP cameras and video recorders are among the most frequently compromised IoT devices. It makes sense, since there are millions of these devices online, and most come with stock security credentials that are never changed.

The problem is that cameras, recorders, printers and wireless sensors don’t seem like threats because they’re on the fringes of corporate networks. Even if they’re compromised, they pose no local threat. With a few tweaks, however, they can be misappropriated as part of a larger, IP-enabled botnet that can conduct DDoS attacks anywhere, anytime.

Mitigating Mirai Malware

So how do IoT suppliers and manufacturers reverse the trend and stop Mirai in its tracks? First up are passwords. Device vendors need to make sure every IoT product comes with a unique password or force users to change the password once the device is installed.

Problems here include cost — since cheaper and faster is better for companies looking to tap into the IoT market — and the specter of user inconvenience. If forced to remember yet another password or make regular changes to device security, users may opt for a simpler alternative.

There’s also the problem of firmware. Even devices that start secure don’t stay that way forever. Still, companies often make it difficult to find firmware updates. Automatic updates, meanwhile, introduce the problem of man-in-the-middle (MitM) attacks if the process isn’t properly protected.

Solving IoT Insecurity

The Mirai malware release is merely a symptom of the larger problem of limited IoT security. Cybercriminals are able to create botnets because speed and convenience often trump security when it comes to IoT.

To solve the problem, security leaders must rethink the IoT industry on the whole. Rather than existing outside the corporate network, connected devices must be seen as the first line of defense: Whatever gets past the gates can be used to undermine the foundation.

More from

Detecting Insider Threats: Leverage User Behavior Analytics

3 min read - Employees often play an unwitting role in many security incidents, from accidental data breaches to intentional malicious attacks. Unfortunately, most organizations don’t have the right protocols and processes to identify potential risks posed by their workforce. Based on a survey conducted by SANS Institute, 35% of respondents said they lack visibility into insider threats, while 30% said the inability to audit user access is a security blind spot in their organizations. In addition, the 2023 X-Force Threat Intelligence Index reported that…

3 min read

Poor Communication During a Data Breach Can Cost You — Here’s How to Avoid It

5 min read - No one needs to tell you that data breaches are costly. That data has been quantified and the numbers are staggering. In fact, the IBM Security Cost of a Data Breach estimates that the average cost of a data breach in 2022 was $4.35 million, with 83% of organizations experiencing one or more security incidents. But what’s talked about less often (and we think should be talked about more) is how communication — both good and bad — factors into…

5 min read

Increasingly Sophisticated Cyberattacks Target Healthcare

4 min read - It’s rare to see 100% agreement on a survey. But Porter Research found consensus from business leaders across the provider, payer and pharmaceutical/life sciences industries. Every single person agreed that “growing hacker sophistication” is the primary driver behind the increase in ransomware attacks. In response to the findings, the American Hospital Association told Porter Research, “Not only are cyber criminals more organized than they were in the past, but they are often more skilled and sophisticated.” Although not unanimous, the…

4 min read

Ransomware Renaissance 2023: The Definitive Guide to Stay Safer

2 min read - Ransomware is experiencing a renaissance in 2023, with some cybersecurity firms reporting over 400 attacks in the month of March alone. And it shouldn’t be a surprise: the 2023 X-Force Threat Intelligence Index found backdoor deployments — malware providing remote access — as the top attacker action in 2022, and aptly predicted 2022’s backdoor failures would become 2023’s ransomware crisis. Compounding the problem is the industrialization of the cybercrime ecosystem, enabling adversaries to complete more attacks, faster. Over the last…

2 min read