Digital Shadows report reveals that the Mirai Botnet isn't going away
Source: Digital Shadows , Author: Posted by BI-ME staff
Posted: Fri December 30, 2016 12:50 pm

UAE. Digital Shadows, a provider of cyber situational awareness, released its new report Mirai and The Future, Forecasting the DDoS Landscape in 2017. The emergence of the Mirai botnet - a type of malware that automatically finds Internet of Things (IoT) devices to infect - earlier this year was hailed as a major development in malware but according to the report, this could be a tip of the iceberg as cybercriminals rush to adapt and develop the original Mirai code.

Mirai translates from Japanese as the ‘future’ and if claims by actors such as BestBuy and Popopret are true, the total number of IoT devices infected with Mirai has increased since this malware variant was publicly released on September 30, 2016. 

“We know criminals move quickly to exploit new malware and techniques and find new ways to monetize them for profit,” said Rick Holland, VP Strategy at Digital Shadows. “So we can see a time when DDoS extortion actors have succeeded in creating new models for generating a ransom payment. Instead of solely relying on a target company, groups will use social media platforms to crowdsource the ransom payment from users who are dependent on the service,” Holland said.

Mirai botnet is part of an emerging global trend of large and complex cyberattacks that are difficult to spot and even more difficult to prevent in an increasingly digitalised world. Countries in the Middle are witnessing significant economic and technological transformation due to growing business opportunities in large industries such as banking, financial services, insurance (BFSI) and the region’s dominance in heavy industries such as oil and gas.

“As organisations and individuals in the Middle East and especially the UAE and Saudi Arabia turn increasingly towards internet enabled devices, it is even more critical there is better awareness of the problem,” said Holland. “Businesses selling Internet enables devices have to be aware of the risks and do more to secure these devices. We are consumers, need to ensure we use the same degree of Cybersecurity scrutiny and awareness as we do surfing the web from a PC.”

The Mirai botnet first discovered earlier in the summer utilizes ‘Internet-of-Things’ (IoT) devices, such as Internet-enabled digital video recorders (DVRs), surveillance cameras, and other Internet-enabled embedded devices, and has been utilized by attackers to launch multiple high-profile, high-impact DDoS attacks against various Internet properties and services, including Talk Talk and the Post Office in the UK.

There are three main motivations behind those who use DDoS as a tactic:

- Online protest, typically planned, orchestrated and launched by hacktivist groups. These campaigns have targeted specified industries and geographies, both in the private and public sector.
- Financial profitability, a significant motivation for a number of actors, such as extortion actors who use the threat of DoS or DDoS in return for a ransom payment. This is largely, although not exclusively, the preserve of the cybercriminal. DDoS attacks may also be used as a distraction for network intrusions conducted for profit.
- Political gain, launched by nation state affiliated actors.

Mirai has proven itself to be remarkably flexible and adaptable as a result of which hackers can develop different strains of Mirai that can take over new vulnerable IoT devices and increase the population Mirai botnets can draw on.

The report suggests that 2017 is likely to see a range of new Mirai variants utilizing and adapting the original source code to target organisations and governments, by hacktivists, cybercriminals motivated by financial gain through extortion and politically motivate actors.

Mirai and the Future: Mirai and The Future: Full Report

Photo Caption: Rick Holland, VP Strategy at Digital Shadows

About Digital Shadows
Digital Shadows provides cyber situational awareness that helps organizations protect against cyber attacks, loss of intellectual property, and loss of brand and reputational integrity. Its flagship solution, Digital Shadows SearchLight™, is a scalable and easy-to-use data analysis platform that provides a view of an organization’s digital footprint and the profile of its attackers. It is complemented with intelligence operations analyst expertise to ensure extensive coverage, relevant intelligence and frictionless deployment. SearchLight continually monitors the visible, deep and dark web and other online sources to create an up-to-the minute view of an organization and the risks requiring mitigation. The company is jointly headquartered in London and San Francisco. For more information, visit http://www.digitalshadows.com

 

MIDDLE EAST BUSINESS COMMENT & ANALYSIS

date:Posted: March 27, 2017
UAE. PwC issues new report jointly with the Global Manufacturing & Industrialisation Summit; The report outlines a roadmap for CIOs to manage the transformation of industrial companies to successfully adopt IIoT; Devising a digital strategy is key for manufacturers
date:Posted: March 27, 2017
UAE. The strongest growth rate for 2014-2015 in the region was led by Saudi Arabia and the UAE, according to a new report from The Boston Consulting Group.
date:Posted: March 27, 2017
UAE. As banks seek to be more competitive and enhance customer experiences, many look to transform their old legacy banking systems with more efficient new core solutions.
UAE. A recent study by The Boston Consulting Group found that, in 2016, GCC banks' revenues grew by 5.2%, down about 2 percentage points from 2015; The impact of the decline in oil prices has hit the banking industry; Profits declined by 3.2% for the first time since 2008.
dhgate