Mirai Botnets Are Back to Threaten IoT Security Again

September 19, 2019 - 7 minutes read

The Internet of Things (IoT) keeps growing in terms of features and capabilities. But IoT developers are facing a significant step back with security issues. Case in point: The Mirai botnet virus is re-emerging in IoT infrastructure.

It’s time to vigorously tackle this malicious problem once and for all before it comes back with a vengeance. But winning this battle won’t come easy.

What is the Mirai Botnet?

The Mirai virus was created by three programmers named Paras Jha, Dalton Norman, and Josiah White. Although it was found in 2016 by MalwareMustDie, a non-profit malware and security research workgroup, this virus was active long before its discovery.

Originally, Mirai’s primary targets included consumer-level devices, like IP cameras (for example, those used for surveillance) and home routers. In 2016, Mirai made headlines when it took down several major websites like Airbnb, GitHub, Reddit, Twitter, and Netflix through a DDoS (distributed denial of service) attack. This attack led to outages across the U.S. and Europe, and it got the attention of cybersecurity and IoT security professionals around the world.

The virus works by exploiting weak security protocols. It uses a “command injection attack” to get into an IoT device’s shell and begins manipulating the entire operating system. These attacks can persist for longer than a few days because many of the attacked devices lack a robust validation process that identifies external or abnormal commands.
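The missing validation described above, shown as an added example (not code from Mirai or from any vendor's firmware): a device-side check for a hypothetical diagnostic handler that pings a user-supplied host. The function names and the `/bin/ping` path are assumptions; the technique is an allowlist on the argument plus an argv array for `execv()`, so no shell ever parses the input.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define MAX_HOST_LEN 253  /* longest valid DNS name */

/* Hypothetical validator: allow only hostname / IPv4 characters, so anything
 * a shell would interpret (; | & $ backticks, quotes, whitespace) is rejected. */
int host_arg_is_valid(const char *s)
{
    size_t n = s ? strlen(s) : 0;

    if (n == 0 || n > MAX_HOST_LEN)
        return 0;
    if (s[0] == '-' || s[0] == '.')   /* no option injection, no leading dot */
        return 0;
    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)s[i];
        if (!(isalnum(c) || c == '.' || c == '-'))
            return 0;
    }
    return 1;
}

/* Fill an argv for execv() rather than a command string for system(): with
 * no shell in the path, the host can only ever be one argument.
 * Returns 0 on success, -1 if the input is rejected. */
int build_ping_argv(const char *host, const char *argv[5])
{
    if (!host_arg_is_valid(host))
        return -1;
    argv[0] = "/bin/ping";   /* assumed path on the device */
    argv[1] = "-c";
    argv[2] = "1";
    argv[3] = host;
    argv[4] = NULL;
    return 0;
}

int main(void)
{
    /* Constructed inputs: a normal host, then one with a shell separator. */
    const char *argv[5];
    int ok = build_ping_argv("192.168.1.10", argv);
    int bad = build_ping_argv("192.168.1.10;reboot", argv);
    printf("accepted=%d rejected=%d\n", ok, bad);
    return 0;
}
```

A rejected request is also worth logging on the device or its gateway, since a run of them from one source is the kind of abnormal command traffic the paragraph above says most devices never notice.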

Later that year, the botnet attacked the website of Brian Krebs, a world-renowned and respected cybersecurity expert and author of the blog “Krebs on Security.” Although the site was down for four days, it cost the owners almost $323,000 to clean it up.

Mirai and the IoT

Since then, the three authors of the Mirai botnet were arrested and sentenced in court. They open-sourced Mirai’s code, but this caused their fellow hackers to create other versions of this dangerous virus. Since 2017, Mirai’s open-sourced code has pivoted from attacking consumer devices to enterprise-level IoT networks.

Because IoT systems are composed of expensive, numerous, and varied devices, Mirai has a lot of weaknesses to target. Most devices lack reliable security protocols beyond the necessary recommendations, and taking down a multi-million dollar company is obviously an appealing objective for many hackers. As IoT systems continue expanding globally and smaller corporations start implementing their own versions of IoT systems, many companies are at considerable risk of being attacked.

What can these companies do to stave off a Mirai botnet attack? It involves using the latest encryption protocols and techniques on every single device on the network. Even the sensors that seem like they don’t do much. Even devices that simply use edge computing to make decisions. And even devices that are brand new from the manufacturer.

The one major and ongoing problem? The IoT sector is still so new and growing so rapidly that there are no established, published security and encryption protocols for developers and security consultants to work from.

Securing IoT Systems Going Forward

Joe Weiss is a consultant at Applied Control Solution and the managing director of ISA99. He can’t believe that there are no standardized security protocols in IoT. “It’s 2019! How can we be in this place? We haven’t made much progress with security at all,” explains Weiss. “We’ve made lots of progress monitoring the networks and almost nothing about what we were supposed to do in the first place.”

Although Weiss may seem passionate to the point of coming off heated, he’s not wrong in the least. Sensors, for example, are used in large multiples across IoT systems and hardware. But manufacturers often use cheap, lower-capability processors that can’t take the load of the newest encryption techniques. When a company uses hundreds of sensors throughout its nationwide locations, it becomes incredibly easy for hackers to take over entire systems in a matter of minutes or hours.

Without an on-call team of security professionals, most companies are out of luck when it comes to dealing with a system restoration ASAP, which leads to hundreds of thousands of dollars lost.

According to Paul Bevan, the research director of IT Infrastructure at London-based Bloor Research, cost plays a significant factor in how well companies secure their IoT systems. Even though a company with a small IoT system may feel like they can skimp on the IT and security, that’s not the case. Every company utilizing IoT systems needs robust, stable, and ever-changing encryption and security protocols.

So, too, must manufacturers bring their devices and device hardware up to speed immediately to accommodate the stronger encryption standards of the future.

A Safer Future Takes Constant Work

Building a safer future for our IoT systems will take time, effort, and constant evaluation. Hardware and software should eventually reach a level where they’re self-evaluating, validating, and self-updating to higher encryption protocols.

But this won’t be as fast or as easy without the help of IoT and cybersecurity experts joining together around the world to create a unified approach for everyone to follow. Without better security, it’s only a matter of time before malware like the Mirai botnet starts affecting consumers’ bottom line too.
