<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=522217871302542&amp;ev=PageView&amp;noscript=1">

Mirai Botnet Attacks: What We’ve Learned for IoT Security

Posted by Jess Holy on Jun 9, 2017 2:15:07 PM

Botnets are a major threat for smart businesses and require a combination of resources, methods, and energy to defend against them. The largest botnet attack to date used IoT-enabled devices to gain entry into the world’s most vital business networks.

This raises a major concern because some of your customers may be using consumer-grade IoT devices that have baked-in security vulnerabilities. This causes immediate challenges for the customer and may have more widespread implications for computer networks at large.

The Mirai botnet appeared in September of 2016, as well as the subsequent distributed denial of service (DDoS) attacks.1 Mirai works by exploiting the weak security on many consumer-grade IoT devices. It operates by continuously scanning for IoT devices that are accessible over the internet and use factory-default or hard coded usernames and passwords (routers, CCTV cameras, smart doorbells, DVRs).

One of the largest Mirai attacks was to the DNS provider Dyn in October 2016, with the volume of attack traffic reaching as high as 1.2 Tbps.2 This DDoS attack affected more than 60 internet platforms and services, causing them to be unavailable to many users in Europe and in North America. This affected Amazon Web Services, CNN, Netflix, PayPal, Spotify, and Squarespace.

You can help your customers better protect themselves from the Mirai botnet and the many variants of it by understanding the difference between consumer-grade and enterprise-grade IoT devices, and equipping them with the latter.

What’s the difference between consumer-grade IoT devices and enterprise-grade?

Consumer-grade IoT devices are meant for personal, home-based use, not in the commercial and enterprise space. These consumer devices are designed to improve and enhance day-to-day life, such as a smart thermostat automatically regulating the temperature of a building or shutting off the A/C when the windows are open. It could also be a smart doorbell that allows visibility into who approaches the door.

While useful, they don’t go through the rigorous security testing that enterprise-grade devices do, nor are they equipped with enterprise-level security to defend against malware attacks.

Enterprise-grade IoT devices or industrial IoT devices are designed around safety and productivity. They are created with far more stringent requirements than consumer IoT, including no-compromise control, rock-solid security, and unfailing reliability.

Consumer-grade devices may be able to save your customers money intially, but they could lead to larger expenses in the future due to security breaches and botnet attacks. Plus, consumer IoT devices aren’t built to withstand the harsh environments and data requirements of a business or enterprise.

What can you do to keep your customers safe?

With Mirai as a major threat, here are a few steps you should take to protect your customers.

  1. Educate your customers. Warn them of the dangers that consumer-grade IoT devices can pose to their business, and provide them with enterprise-grade solutions instead.
  2. Create a DDoS strategy. Anyone can become a target and now’s the time to plan appropriate measures to prevent the attack and how to mitigate the attack should it happen.
  3. Work with Tech Data Smart IoT Solutions. We have the connections and services to help you equip your customers with the right IoT devices for their needs.

By partnering with Tech Data’s Smart IoT Solutions team, you’ll have access to the products, services, and knowledge needed to provide your customers with secure IoT devices and solutions that help prevent Mirai attacks. Reach out to our team for more information or to schedule a consultation at iot@techdata.com and visit iot.techdata.com.

Tags: IoT Devices, IoT Security