Course content Course content

Learning from major cyber security incidents

Start this free course now. Just create an account and sign in. Enrol and complete the course for a free statement of participation or digital badge if available.

More free courses

4 Case study 3: the Mirai botnet

The Mirai botnet can launch highly sophisticated distributed denial-of-service (DDoS) attacks, which can overwhelm and cripple almost any website. In this section, you’ll look at how the Mirai malware infects Internet of Things (IoT) devices and harnesses their computer power to launch DDoS attacks.

Activity 11

Timing: Allow about 15 minutes

a.You may not have met denial-of-service attacks. If not, you should visit Section 3.4 of OpenLearn’s Network security [Tip: hold Ctrl and click a link to open it in a new tab. (Hide tip)] course and read the explanation about DoS attacks. Then visit How to Survive a Botnet Attack (also on OpenLearn) and watch the animated tutorial about botnets.
You should open the links in new tabs or windows by holding down Ctrl (or Cmd on a Mac) when you click on the link. Return here when you have finished.
Briefly explain what denial-of-service attacks and botnets are.

Answer

Denial-of-service attacks prevent the normal use or management of communication services, and may take the form of either a targeted attack on a particular service or a broad, incapacitating attack. For example, a network may be flooded with messages that cause a degradation of service or possibly a complete collapse if a server shuts down under abnormal loading. Another example is rapid and repeated requests to a web server, which bar legitimate access to others. Denial-of-service attacks are frequently reported for internet-connected services.

(OpenLearn, no date)

The term botnet or ‘zombie army’ is used to refer to a number of computer networks that have become infected as a result of malicious third-party software sneaking onto a user’s computer and then linking it to others to send spam to, or steal data from.

(OpenLearn, 2011)

b.Now watch Video 2 which briefly explains what the Mirai botnet is. As you watch note down how the botnet attacks a website.

Download this video clip.Video player: Video 2

Show transcript|Hide transcript

Transcript: Video 2 The Mirai botnet

[MUSIC PLAYING]

KAT COURTNEY:

Hello, and welcome to another Norton Vulnerability Alert. In October of 2016, we saw the first major outbreak of malware that targets the internet of things. This type of malware can infect multiple types of connected devices, including DVRs, printers, and even connected home appliances. This malware, dubbed the Mirai malware, is the first major threat on connected devices, and it’s evolving quickly.

Mirai was able to gain access to these devices by using the default passwords and usernames that the connected devices shipped with. These infected devices were then used in distributed denial of services attacks by creating a botnet. A botnet is a network of various devices that have been infected with malware and which are controlled remotely. The owner of the botnet can then cause the affected devices to send large amounts of data to a target.

In the case of Mirai, affected devices were instructed to send mass amounts of data to a large website hosting company, which caused many popular websites to be taken offline. Initially, this strain of malware only infected Linux-based systems. However, a version that affects Windows machines has now been discovered, increasing the potential of this threat. While there hasn’t yet been a widespread outbreak of the new Windows variant, it is important to make sure you’re protected in case of such an outbreak.

In addition to maintaining safe browsing practices, you should consider using an internet security programme. Norton Security provides up-to-date protection for your devices. Norton even detects this new version of the Mirai malware.

A good practice in helping to stay protected from these kinds of threats is to change any default passwords that come with the device. Wireless routers, for instance, come with default passwords that anyone can find with a quick search online. Changing these passwords to a unique password can help greatly in protecting yourself and your network.

As mentioned before, Norton Security provides protection from this threat, as well as many others. You can check it out at norton.com. Thanks for watching, and keep an eye out for the next Norton Vulnerability Alert.

[MUSIC PLAYING]

End transcript: Video 2 The Mirai botnet

Download

Video 2 The Mirai botnet

Interactive feature not available in single page view (see it in standard view).

To use this interactive functionality a free OU account is required. Sign in or register.

Interactive feature not available in single page view (see it in standard view).

Previous 3.4 What lessons can be learnt?

Next 4.1 What was the attack?

Take your learning further

Making the decision to study can be a big step, which is why you’ll want a trusted University. We’ve pioneered distance learning for over 50 years, bringing university to you wherever you are so you can fit study around your life. Take a look at all Open University courses.

If you’re new to university-level study, read our guide on Where to take your learning next, or find out more about the types of qualifications we offer including entry level Access modules, Certificates, and Short Courses.

Want to achieve your ambition? Study with us and you’ll be joining over 2 million students who’ve achieved their career and personal goals with The Open University.

Browse all Open University courses

My OpenLearn Profile

About this free course

Author

Become an OU student

Download this course

Share this free course