IBM X-Force: Mirai is increasingly targeting enterprise IoT devices

Researchers from IBM X-Force have found variants of the infamous IoT botnet Mirai are increasingly targeting enterprise devices.

Mirai caused havoc in 2016 when it was used to flood DNS provider Dyn with unprecedented amounts of traffic. Dyn’s downtime impacted some of the world’s most popular services including Twitter, Spotify, PlayStation Network, GitHub, Netflix, and Soundcloud.

There are more than 60 known variants of Mirai. Typically, these variants have sought to infect easily hackable devices like cheap security cameras using default passwords.

IBM’s security team, X-Force, has documented a large uptick in Mirai activity. A particular spike was noted in November 2018, while activity has doubled between Q1 2018 and Q1 2019.

mirai-attacks

Mirai is advancing beyond cheap consumer IoT devices into the big leagues. Enterprise devices including those used for manufacturing, healthcare, inventory tracking, and more are now at risk.

attack-industries

The number of IoT devices being deployed is rapidly increasing, and the risk along with it. IDC forecasts there will be 41.6 billion connected IoT devices generating 79.4 zettabytes of data in 2025.

In a blog post, IBM researchers wrote:

“Historically, simpler internet of things devices such as routers and CCTV cameras were most affected, but recent IBM X-Force data indicates that threat actors are increasingly targeting enterprise devices.

The attack landscape has been saturated with attacks against IoT devices since the Mirai botnet was discovered back in 2016.”

Beyond the potential to steal information or disrupt operations, botnets are being increasingly used to mine cryptocurrencies. In March, IBM X-Force found a Mirai-like botnet aimed at enterprise IoT devices that were seen dropping cryptocurrency miners and backdoors onto affected devices.

According to X-Force’s research data, Mirai and its variants are by far the most popular malware to hit enterprise networks in 2019 to date. The next Dyn-like attack feels just a matter of time, and it will likely make what came before it appear minuscule.

https://www.iottechexpo.com/wp-content/uploads/2018/09/iot-tech-expo-world-series.pngInterested in hearing industry leaders discuss subjects like this? Attend the IoT Tech Expo World Series events with upcoming shows in Silicon Valley, London, and Amsterdam.

Related Stories

Leave a comment

Alternatively

This will only be used to quickly provide signup information and will not allow us to post to your account or appear on your timeline.