Dive Brief:
-
An international team of researchers used the source code from the Mirai DDoS attack to develop a white worm to defend insecure IoT devices, according to Network World.
-
AntibIoTic uses the Mirai bot design to access and control IoT devices with poor security. The worm injects them with code that works like an antibiotic and then attempts to alert the device owner to fix the problem.
-
After the first major Mirai attack last year, the source code was published on Github.
Dive Insight:
Last October's record-breaking 620 Gpbs Mirai botnet DDoS attack affected Twitter, Etsy, Github, Spotify, Reddit, Netflix and SoundCloud, among others, and demonstrated an internet choke point where scores of companies could be impacted. The attack was particularly notable because the Mirai botnet harnessed "zombie" Internet of Things devices to work on its behalf for the first time.
The attack spurred many security improvements, including the prompt recall of devices by several IoT device makers to recall or reevaluate security. More recently, a group of bipartisan senators proposed a law to secure the IoT, placing the onus on manufacturers to adequately secure internet-connected devices.
Though many groups have worked to improve IoT security, experts say some devices are impossible to fix because of hard-coded back doors or an inability to update software. Avoiding such products is likely to be advantageous for companies acquiring IoT devices.
Though there was significant initial concern that releasing the Mirai source code would cause harm, it appears to have had the opposite effect by allowing researchers to develop this vaccine.
