Mirai Malware – A Nightmare For Cyber Security

Mirai Malware – A Nightmare For Cyber Security

On 21st October 2016, the cyber attack occurred across Europe and US that is well known for its whimsicality.

After an incisive investigation, it was known that the malware responsible for this mayhem is called Mirai. The same malware that had infected several IoT devices. Hence, one thing is quite evident that there is a strong link between the infected IoT devices and the cyber attack.

636126567092125766-screen-shot-2016-10-21-at-11-23-09-am

San Francisco – The red color shows the places affected by the cyber attacks.

Through this article, I intend to throw some light on the diabolical nature of this malware and how it can be avoided by following simple steps.

What is Mirai Malware?

Mirai stands for “future” in the Japanese language. It is a malware that takes help of IoT devices to for executing their attacks.

They are known amongst the coders for its notoriousness. Recently they attacked a west African country of Liberia leaving the whole country without internet access.

The first cyber attack had Russian phrases such as “ялюблю куриные наггетсы,” which means “I love chicken nuggets” embedded in a code.

Just like the yin and yang principle, these technological advancements in our everyday life are compensated with potent threats that come with them.

 

What Should You Know About Mirai IoT Botnet?

Mirai scans the internet to check if the IoT devices are susceptible to hacking. It exploits weak security measures like poor usernames and passwords. These infected devices are directed to a central control system where they are made to launch attacks and take websites offline.

These “smart” devices are generally dumb because their operations are limited to only certain basic operations and eventually fails to stand up to its significance as smart phones.

However, when they are used together as one device, to conduct a singular task like connecting a DNS provider its dangers are compounded.

When orders are given, these infected devices can be manipulated to launch another DDoS (Direct Denial of Service) attack.

These kinds of DDoS attacks brought down major websites including Amazon, Twitter, Netflix, Tumblr, Reddit, PayPal and Spotify on that morning of 21st October 2016.

Defending Against Mirai Attacks

 

ddos_attack

  • Prohibit Unencrypted Protocols For Firewall Connection – Firstly, you should see if your device uses default credentials. Make sure your firewall connection is protected with a strong password and the protocols are unencrypted. It is essential that you update your software from trusted vendors and avoid third party updates.
  • Avoid UPnP – Universal Plug and Play is a pre-installed on routers. It makes use of web and internet protocol to connect smart devices into a network and share device information automatically. Now, this is where things get fishy. It easily gives access to a seemingly trusted network without the knowledge of its owner. UPnP has been a constant worry within the cyber security community since 2013. It was publicly renounced by the FBI’s National Infrastructure Protection Center alarming other users to disable UPnP from their routers. So, I suggest you do the same to get rid of Mirai and its hazards.
  • Keep Your Enterprise Routers Up To Date – It is highly recommended to install firmware patch updates whenever they are available.You should activate automatic updates to prevent your routers from running obsolete. A leak that could be patched is a leak that should be patched.
  • Conduct Routine Scans Of Your Network – You can try a popular tool such as Nmap for daily network scanning. This software is highly effective as it scans the network and identifies holes before the hackers do. It is completely legal to investigate your own network and check if there are problems or is there any part of the network vulnerable.
  • Try Industrial Strength Firewall – The most effective industrial strength firewall known is Sophos Firewall and the best part is that it is completely free. All you need for a secure network is a spare computer and set up the installation to ensure a complete protection from hacking threats which will keep itself up to date.

Conclusion

With continuous advancements in technology, the hazards of malware are becoming more and more disruptive. Hence, it is necessary for you to stay one step ahead and keep your system up to date and secure.

If you follow these suggestions mentioned above, you can secure your enterprise from all kind of malware attacks.