Are Connected Homes Mirai’s New Best Friend?

By on

Whenever someone wonders why a strong password is so important, there’s one thing you can remind them of: Dyn. Ring any bells? Here’s a quick refresher: last fall, a good deal of the east coast was taken offline because of an attack on Dyn, a major service provider for big-name websites. That attack occurred because of two reasons: default passwords and Mirai malware, which infected IoT devices that still used these factory-set passwords to create an army of botnets.

Low and behold, that army took down Dyn and created the highest volume of DDoS traffic ever recorded in the process. That, in turn, rendered popular websites like Netflix, Twitter, Spotify, and PayPal, to name a few, dormant. Although this was last fall, remember that the Mirai code is out in the open, which means it’s a threat that’s may be even more relevant today than it was before.

With the rise in popularity of the Internet of Things, we’re using connected devices now more than ever—they’ve just become part of our lifestyle. More specifically, part of our homes.

So how exactly could Mirai capitalize on the connected home? Mirai takes advantage of the fact that consumers rarely change the default passwords set by the manufacturer on their connected devices. That means any device in a connected home that’s unsecured could potentially join the ranks of a botnet army. As consumers bring more and more devices into their homes, there’s just that many more soldiers Mirai can use for its next DDoS attack.

So, as we continue to bring more and more IoT devices into our homes, Mirai needs to remain top of mind as we think about how to stay safe while staying connected. Not to mention, McAfee Labs estimates that 2.5 million IoT devices have already been infected by Mirai by the end of 2016. So, to make sure your IoT devices aren’t enslaved next, here are a few tips to protect you and your family:

  • Check a device’s track record. Before buying a connected device, see if it, or the company offering it, has had issues with being used for attacks. A quick web search will provide you with the research you need to know about the device’s security standards.
  • Keep software up-to-date. This simple best practice often removes vulnerabilities, as providers usually place patches for bugs in each update, especially those recently discovered. So, make sure you install all updates as soon as they’re available.
  • Change defaults and use strong passwords. Default and weak passwords pose the main threat to IoT devices. Practice good password habits, such as using long phrases, special characters, mixed cases, and digits so that your passwords are strong and difficult for cybercriminals to guess.
  • Secure devices with a strong network. Connecting IoT devices to a secure Wi-Fi network will help create an extra layer of security for a connected home. Lock the router with a strong Wi-Fi password and other security protocols, such as WPA2. Additionally, consider a gateway with built in protection like McAfee Secure Home Platform, so that security starts at the heart of it all.

And, of course, stay on top of the latest consumer and mobile security threats by following me and @McAfee_Home on Twitter, and ‘Like’ us on Facebook.

Categories: Consumer Threat Notices
Tags: ,

Leave a Comment

Similar articles

October is finally among us, and things are spookier than usual. One ghost causing some hocus pocus across the World Wide Web is Ghostcat-3PC, a browser-hijacking malware that has launched at least 18 different malvertising campaigns in the last three months. According to SC Magazine, Ghostcat’s goal is to hijack users’ mobile browsing sessions and ...
Read Blog
If you're like most users, you've probably adopted several smart devices into your home over the last few years. Whether it be voice assistants, smart TVs, thermostats, or gaming systems, IoT devices help make our lives easier. But with greater connectivity also comes greater exposure to online threats. However, that doesn't mean users should avoid ...
Read Blog