IoT cybersecurity news

DDoS Attack with 13K+ IoT Devices Reminder of Basic Security Hygiene

DDoS via Mirai variant

It seems that 2024 was a record-breaking year…for Mirai.

Cloudflare reports having blocked the largest-ever DDoS attack to be reported to date originating from a Mirai-variant botnet in October (Read more at The Hacker News).

This particular attack made use of more than 13,000 Internet of Things devices over the course of 80 seconds. What better time than now to look back at our then-5-year Mirai retrospective, which is itself four years in the past?

Given the length of time that Mirai has been around and the amount that is known about the bot, current Mirai breaches canโ€™t truly be qualified as hacks. They are more accurately described as poorly implemented security designs that fail to protect against a known vulnerability.

That vulnerability is a lack of basic security hygiene for IoT devices.

Basic security measures for IoT devicesโ€“โ€“inventory management, patching, and credential managementโ€“โ€“are often overlooked as part of a broader cybersecurity posture. With an average timeframe for applying patches and rotating credentials clocking in at seven years, devices are often the softest targets on the network today.

Read the full piece here on our blog.

Author

Phosphorus Cybersecurity

Phosphorus Cybersecurityยฎ is the leading xTended Security of Thingsโ„ข platform designed to find, fix, and monitor the rapidly growing and often unmonitored Things of the enterprise xIoT landscape.