When the Mirai botnet first made headlines in September, its existence was made known with dramatic flair. It flooded Brian Krebs’ security blog with traffic from zombie Internet of Things devices first, then it managed to disable the internet by overwhelming Dyn, which serves as the internet’s backbone for most of the US. The number of attacks has rapidly increased since then. By now, it’s clear that Mirai has the ability to obliterate what’s formerly known to us as indestructible.
Mirai Botnet: The Beginning Of DDoS Attacks
Since the open source Mirai botnet software circulated on the internet, the whole world experienced massive distributed denial of service (DDoS) attacks that can disrupt website services or worse, take them down. Homeland Security reports that the attacks were enabled by non-secure IoT devices, which could come with hardcoded credentials or backdoors. This makes way for attackers to discover easy entrance into millions of devices and take them over.
In the past few weeks, the Mirai botnet disrupted internet services for over 900,000 Deutsche Telekom customers in Germany, reports Krebs. A report from SEC Consult also states that 80 models of Sony cameras are prone to Mirai takeover.
“It’s accelerating because there’s a wide-open, unprotected landscape that people can go to,” says Chris Carlson, vice president of product management at Qualys. “It’s a gold rush to capture these devices for botnets.” Despite all of this, experts conclude that the Mirai botnet is only the beginning
Mirai Botnet = Rise Of The Machines
Members of the Institute for Critical Infrastructure Technology (ICIT), a cybersecurity think tank, published a report called “Rise of the Machines: The Dyn Attack Was Just a Practice Run” (pdf). Penned by Drew Spaniel and James Scott, the authors warned that it’s possible that warring nations could weaponize non-secure IoT devices and use them against each other. If the Mirai botnet continues to evolve, more infected devices could go around. A reason Mirai is rather difficult to contain is that it can lurk on devices without affecting their performance.
The authors of the paper concluded that backdoors should be avoided at all cost. Whatever good may be achieved through them is outweighed by the possibility of a nation making use of them to cripple national infrastructure through Mirai and other botnets. Moreover, backdoors could be used by malefactors for their own malicious intent.