The Mirai botnet strikes again.
A new version of the Mirai computer worm knocked more than 900,000 German ISP Deutsche Telekom customers offline due to infected routers, Krebs on Security reported last week.
A newly discovered vulnerability in the firmware of the devices is believed to be the entry point for the botnet, which then turns off the remote upgrade feature and complicates restoration efforts.
“Security experts say the multi-day outage is a sign of things to come as cybercriminals continue to aggressively scour the Internet of Things (IoT) for vulnerable and poorly secured routers, internet-connected cameras and digital video recorders (DVRs),” Brian Krebs reported.
“Once enslaved, the IoT devices can be used and rented out for a variety of purposes — from conducting massive denial-of-service attacks capable of knocking large websites offline to helping cybercriminals stay anonymous online,” he added.
Earlier this year, mainstream sites that users both frequent and rely on were rendered useless due to a massive distributed denial-of-service (DDoS) attack on the internet domain directory Dyn.
It was later discovered that the DDoS attack on Dyn was fueled by Mirai, which utilized hacked DVRs and webcams to launch the series of attacks.
The historic cyberattack caused a ripple of disruption to websites across all sorts of industries — GitHub, Netflix, Twitter, Walgreens, The New York Times, PayPal, Spotify and many others. It didn’t take long for thousands of Americans to experience the magnitude of a DDoS attack and the potential damage these malicious events can bring about.
“These attacks are not going away,” Ben Herzberg, security group research manager with cybersecurity company Imperva, told The Washington Post.
The challenge in protecting against the type of attacks that caused the recent internet meltdown is that they can be launched from anywhere around the world, but still, there is no mandated regulation that requires device makers to increase the security of the connected devices they put out into the market, Herzberg noted.
“It would be great if we could say, ‘If you want to produce a device connected to the internet, you must go through basic security checks,’ but we don’t have that right now,” he added.