Mirai Botnet: the thorn to the IoT rose bush

Every week a news story reminds us of the consequences of not implementing good security policies, or at least of not enforcing them. On Friday, sites like Spotify, Netflix, GitHub, Twitter, Reddit and Airbnb were among a large list of websites hit by the attack, leaving them inaccessible.

A Chinese firm has admitted that a large number of its devices, most likely internet-connected security cameras, were partly at fault. How did the company's devices become puppets for the attack? Weak default passwords.

The attack ran through malware called Mirai, which is known for taking advantage of vulnerable Internet of Things (IoT) devices. It scans the internet for IoT devices that still use default passwords. The Mirai botnet looks like it could be a real thorn in many manufacturers' sides. Once a vulnerability is found on a device it is hard to rectify, because patching is difficult to achieve for many of these devices.

An area of further concern is that the Mirai botnet source code was made available a few weeks ago to anybody who wants it. So we now have a situation where a large number of unpatched devices are ready to be taken advantage of by hackers. To ‘help’ things, Gartner forecasts that 6.4 billion devices will be in use worldwide in 2016.

Is there a solution?

As you guessed, there is no simple solution to this problem, but it is something that needs to get fixed. IoT will be prominent in the future and will affect our economy if no action is taken. However, some simple principles that have been around since cyber security began will help.

An important phrase applies in cyber security: ‘defence in depth’. We will assume the patching issue will be addressed, so we should ask: is the perimeter secure and ring-fenced? Is it robust, and does it monitor continuously for suspicious behaviour? There are many methods of securing a network, all with their merits, but as long as we are not turning a blind eye to the threats or being single-minded in our defence strategies, we should make progress.
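One way to monitor the perimeter for the scanning behaviour described above, as an added example that is not part of the original post: it flags internal devices that contact many distinct external hosts on Telnet ports (TCP 23 and 2323, which Mirai's scanner is known to probe) within a short window. The log format, addresses, window and threshold are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

TELNET_PORTS = {23, 2323}        # ports probed by Mirai's scanner
WINDOW = timedelta(seconds=60)   # assumed sliding window
THRESHOLD = 5                    # assumed: distinct destinations per window

# Constructed sample of outbound connections: "timestamp src dst dst_port"
SAMPLE_LOG = """\
2024-01-01T10:00:00 192.168.1.50 198.51.100.1 23
2024-01-01T10:00:01 192.168.1.10 203.0.113.9 23
2024-01-01T10:00:02 192.168.1.50 198.51.100.2 2323
2024-01-01T10:00:03 192.168.1.50 198.51.100.3 23
2024-01-01T10:00:04 192.168.1.20 198.51.100.4 443
2024-01-01T10:00:05 192.168.1.50 198.51.100.5 23
2024-01-01T10:00:06 192.168.1.10 203.0.113.9 23
2024-01-01T10:00:07 192.168.1.50 198.51.100.6 23
2024-01-01T10:00:08 192.168.1.50 198.51.100.7 2323
2024-01-01T10:05:00 192.168.1.60 198.51.100.8 23
2024-01-01T10:10:00 192.168.1.60 198.51.100.9 23
"""

def find_scanners(lines, window=WINDOW, threshold=THRESHOLD):
    """Return {src_ip: time it first reached `threshold` distinct Telnet peers}."""
    recent = defaultdict(deque)  # src -> (timestamp, dst) pairs inside the window
    flagged = {}
    for line in lines:           # lines are assumed to be in time order
        fields = line.split()
        if len(fields) != 4:
            continue             # skip blank or malformed lines
        ts = datetime.fromisoformat(fields[0])
        src, dst, port = fields[1], fields[2], int(fields[3])
        if port not in TELNET_PORTS:
            continue
        q = recent[src]
        q.append((ts, dst))
        while ts - q[0][0] > window:   # evict entries older than the window
            q.popleft()
        if src not in flagged and len({d for _, d in q}) >= threshold:
            flagged[src] = ts
    return flagged

if __name__ == "__main__":
    for src, when in find_scanners(SAMPLE_LOG.splitlines()).items():
        print(f"{src} looks like a Telnet scanner (flagged at {when})")
```

Repeated connections to a single Telnet host and slow, spread-out connections stay below the threshold, so only the device fanning out to many hosts is reported.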

Going with that theme, manufacturers of devices should provide users with the ability to apply good security practices. But then it is the user’s responsibility to take advantage of the security features and implement them.

As a data centre, we have multiple methods for mitigating DDoS attacks and minimising the effects on our customers. If you would like to discuss our DDoS mitigation further, then please contact us and we will get one of our technicians to explain how we will keep your business protected and online. We can also offer some advice around protecting your network via practices and policies.
