Since it first caused chaos by destroying a major DNS provider in 2016, Mirai ‘s malware has split into more than 60 known options and targeted a large enterprise.
IBM X-Force researchers noted a sharp rise in Mirai activity: the jump began in November 2018, and between the first quarter of 2018 and the first quarter of 2019 – was twice as high, according to a blog post.
Experts said that the new options can affect cloud servers and strongly compromise information and insurance services and so greedy industries. As a result, connected devices at the enterprise level are at risk, including medical devices, utility meters, robots that track warehouse stocks, and other devices.
Devices connected to cloud services can allow Mirai opponents to access cloud services, infect the server with additional malware dropped by Mirai, or expose all Internet of Things devices connected to the server to further compromise.
“Simpler devices (IoT) were hit the most, including routers and CCTV cameras, but the latest data from IBM ‘s X-Force organization suggests that threats are increasingly targeting large businesses,” experts wrote in their diary, “the attacks have had high activity on the devices IoT since the Mirai botnet was discovered back in 2016.”
The number of connected devices is expected to grow by 31 billion in 2020 and the internet market will reach 3 trillion by 2026, while Mirai attacks have been steadily increasing since 2018.
Experts warn users that the threat has gone far beyond consumer goods and that the network ‘s advocates should start taking measures to protect their IoT facilities that could be attacked by Mirai.
Various loads allow malware to navigate victim and hardware selection without problems, an increase in the number of Mirai-like botnets is aimed first at infecting increasingly common Internet devices, and newly discovered samples like Mirai have been compiled to attack new processors and device architectures.
The bot network is a threat because Internet devices can be used as cryptographers, threat-creating devices, develop more creative ways to deliver malicious loads, and new vulnerabilities allow for, and increasingly update, exploits, while slow implementation of patches allows attackers to exploit these untapped vulnerabilities.
For reliable protection against current and future threats such as Miria, experts recommend that users regularly scan all Internet resources, protect devices with a secure password using reliable credentials, and restrict access to Internet devices by placing them behind firewalls and other network security tools.
Enterprises should track unexpected outbound Wget or PowerShell requests that may attempt to extract a malicious load, encrypt Internet device interactions, use threat information to track trends, and limit outbound activity of IoT devices that do not require external access.