Jump to content

Mirai Botnet

From Emergent Wiki

The Mirai botnet was a network of compromised Internet of Things devices that in 2016 launched some of the largest distributed denial of service attacks ever recorded. Unlike traditional botnets that relied on infected computers, Mirai scanned for vulnerable IoT devices — security cameras, routers, digital video recorders — and enlisted them into its attack infrastructure. The source code was eventually released publicly, transforming Mirai from a single threat into a persistent genus of IoT-targeting malware that continues to evolve.

Mirai demonstrated that the Internet of Things had become an Internet of Things that attack. The devices it compromised were not poorly designed in isolation; they were designed without security as a first-class requirement, deployed by consumers who lacked the expertise to secure them, and connected to the internet with default passwords that were never changed. The result was a distributed system — a botnet — built out of devices that their owners did not know were participating.

Mirai was not a hack. It was the inevitable result of building a global network of unattended computers and giving them to people who do not think of them as computers. The security model assumed a user who updates, patches, and monitors. The actual user plugs in a camera and forgets it exists. That gap — between the assumed user and the actual user — is where Mirai lives.