How Does Mirai Work?

Search in book...
Toggle Font Controls
Create new playlist

Name your new playlist

Playlist description (optional)
Sign In

Email address

Password

Forgot Password?

or

Continue with Facebook

Continue with Google
Sign Up

Full Name

Email address

Confirm Email Address

Password

or

Continue with Facebook

Continue with Google

Previous Chapter

MIRAI

Next Chapter

SPAM EMAILS

How Do They Attack?

Since the IoT has experienced tremendous growth over the past few years; one hacking strategy

which is particularly prominent is the inﬂux of DDoS campaigns. IoT devices primarily run

Unix and Linux-based operating systems. This makes it easier for the cybercriminals to trap

them with ELF (executable and linkable format) binaries. This format for ﬁles is commonly

found in the ﬁrmware of embedded systems. The delivery method of the cyberthreat mainly

looks to infect telnet or SSH (secure shell) network protocols. To hack them, they try multiple

strategies. For instance, they try to exploit hardcoded and default credentials.

Similarly, they can also use a common hacking strategy known as a brute-force attack. Abrute

attack is one in which hackers use automated software to try out a large number of guesses to

ﬁgure out the passwords of their victims. Those who do not follow the modern password protec-

tion techniques often ﬁnd themselves entangled into the quagmire of a brute force attack.

After the successful inﬁltration, the payload of a cyberattack is received by the infected

device which then adds it in the botnet.

List all the possible ways one can avoid Botnet attacks?

Flash Question

What Makes the IoT Devices a Target of Botnets?

Nowadays cybercriminals are sophisticated and laced with all the modern IT tools. If they are

targeting IoT devices, then they are so rampant because of the following reasons.

• It is quite easy for cybercriminals to infect embedded devices due to two factors: the use

of default credentials and exposed services.

• IoT devices are primarily 24/7 available, and they are currently experiencing a major adoption.

• Many IoT devices are the o-the-shelf oerings; their standards of security are

considerably low. For example, the password of the root user is “root” and the password

of the admin user is “admin”. For a cybercriminal using DDoS or brute force attack, it is

just a matter of minutes to hack such IoT devices. Things remain this way unless a user

decides to put an end and adjust the password.

• The cyberthreats which are used in the botnet attacks are formidable enough to guess

default passwords. This does not allow users to safely login.

• There is an extensive list of IoT devices which are neither monitored nor maintained

carefully. As a consequence, it becomes a walk in the park for cybercriminals to shut it

down and force it to become a ”digital hostage”.

• Cybercriminals view the IoT ecosystem as a cost-eective medium for their

ambitions. A single compromised device can lead to hack hundreds and thousands

of devices. On the other hand, the expenses required to access and control services

while targeting businesses with standard DDoS attacks cost a lot more to organize a

cyberattack.

Monetization

After the success of attacks, particularly Mirai and Bashlite’s, many cybercriminals were

impressed and begun to create their own malware. Consequently, a slew of botnets came into

existence and cybercriminals also started to look for fresh victims.

Chapter 11 Security Challenges for IoT 273

Internet_of_Things_CH11_pp271-308.indd 273 9/3/2019 10:16:19 AM

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.

Table of Contents for How Does Mirai Work?

Create new playlist

Sign In

Sign Up

Table of Contents for
How Does Mirai Work?