The Mirai Botnet: We Could Have Helped
In mid-October of 2016, one of the most significant Distributed Denial of Service (DDoS) attacks left most of the US East Coast unable to access the internet. Yes, the internet went out; let that sink in. The attack was so severe that American authorities quickly blamed it on hostile nation-states when it was, in fact, the Mirai botnet’s handiwork.
The Mirai botnet, originally created by some angsty teenage hackers, was not designed to cause this grand scale of chaos, but it grew far beyond the creators’ expectations (like Frankenstein’s monster or the weeds in your garden). What started as a simple method for the creators to steal a little money from Minecraft players turned into a story of unintended consequences and unanticipated global information security threats.
A Little Botnet Background
First, what’s a botnet? In summary, a botnet is a collection of internet-connected devices – bots – under the control of some remote third party. In most cases, the compromised devices are controlled by malicious actors who can do anything they want with them, almost always without the owner’s knowledge. Those who control the botnet have a powerful, sort-of hacked-together supercomputer to use for anything they want. Most commonly, these botnets are used to send out spam emails. Mirai, however, was designed to perform massive denial-of-service attacks.
Traditionally, these networks are made up of compromised PCs, but at the beginning of 2016, nearly 8.4 billion IoT devices were already connected to the internet. The vast majority of these devices were ripe for the picking, and Mirai took advantage of these plentiful and insecure devices.
Attacks, Attacks, and more Attacks
The botnet was used for its first big wave of attacks on September 19th, 2016, against the French internet hosting company OVH. It was later revealed that OVH was hosting a popular Minecraft server host used to fight DDoS attacks against their servers. Shortly after this, the creator posted the code online, and less than a month later, on October 12th, the BIG attack happened.
The BIG attack was against a massive internet infrastructure company called DYN, which, among other services, provides DNS services to many large websites. The attack caused the East Coast of the US to lose access to the internet, and people worldwide lost access to popular websites that had their DNS service managed by DYN.
IoT Secure Could Have Helped
If any of those affected by this massive botnet had been using IoT Secure’s solutions, the impact would have been GREATLY reduced. Our solution is specifically designed to help you manage unmanaged devices in myriad ways. In the case of Mirai, the primary advantage you would have is, first, KNOWING all the devices on the network, and second, getting notifications on ANY devices still using default passwords. Mirai would have never worked if people had changed these default passwords and turned off unnecessary services like Telnet.
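The two checks named above (knowing every device, and finding ones that still answer on Telnet) can be sketched as a small audit for a network you administer. This is an added example, not IoT Secure's code; the inventory, the observed-address list and the finding labels are assumptions made for illustration, and it does not test passwords.

```python
import socket
from concurrent.futures import ThreadPoolExecutor

TELNET_PORT = 23  # standard Telnet port


def telnet_listening(host, port=TELNET_PORT, timeout=1.0):
    """True if host accepts a TCP connection on the Telnet port."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, timed out, unreachable
        return False


def audit(inventory, observed, port=TELNET_PORT, timeout=1.0):
    """Return (address, finding) pairs, ordered by address.

    inventory: {address: label} for devices you know about.
    observed:  addresses actually seen on the network (e.g. DHCP leases).
    """
    addrs = sorted(set(observed))
    with ThreadPoolExecutor(max_workers=16) as pool:
        answers = list(pool.map(
            lambda a: telnet_listening(a, port, timeout), addrs))
    findings = []
    for addr, is_open in zip(addrs, answers):
        if addr not in inventory:
            findings.append((addr, "unknown-device"))
        if is_open:
            findings.append((addr, "telnet-open"))
    return findings


if __name__ == "__main__":
    # Constructed sample data using documentation-only addresses (RFC 5737).
    inventory = {"192.0.2.10": "lobby camera", "192.0.2.11": "printer"}
    observed = ["192.0.2.10", "192.0.2.11", "192.0.2.50"]
    for addr, finding in audit(inventory, observed, timeout=0.5):
        print(addr, inventory.get(addr, "NOT IN INVENTORY"), finding)
```

Every "telnet-open" finding is a device whose Telnet service should be disabled or filtered, and every "unknown-device" finding is one to identify and add to the inventory.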
Learn more today about IoT Secure and what we can do to help you protect ALL your unmanaged devices at IoTSecure.io.