Reports this week are claiming that the Mirai IoT malware has now infected almost half a million IoT devices, more than doubling the size of the original Mirai botnet. The news that the source code for the IoT botnet had been released broke earlier this month, and, as many predicted, criminals have used the source code to create their own versions of the malware and are infecting new devices. Cesare Garlati, Chief Security Strategist at the prpl Foundation, commented below.
Cesare Garlati, Chief Security Strategist at the prpl Foundation:
“The new data confirms the importance of securing IoT devices to prevent massive DDoS attacks. It also confirms the low level of sophistication of the exploit: mainly common/default user IDs and passwords. I am afraid advanced hardware security technology can do nothing to protect from negligence or plain stupidity. This is an area where regulators should play a role and, for example, ban the sale of any connected devices that ship with standard/default/no passwords. In addition, regulators may force ISPs to temporarily block IP addresses known to be part of active botnets/DDoS – i.e. the ones detected by Level 3. In the end this is no different than stopping a vehicle with broken tail lights to prevent accidents on a highway. There is no need for new technology to block this kind of unsophisticated attack, just a good dose of common sense.”