Learning from major cyber security incidents
Learning from major cyber security incidents

Start this free course now. Just create an account and sign in. Enrol and complete the course for a free statement of participation or digital badge if available.

Free course

Learning from major cyber security incidents

4 Case study 3: the Mirai botnet

The Mirai botnet can launch highly sophisticated distributed denial-of-service (DDoS) attacks, which can overwhelm and cripple almost any website. In this section, you’ll look at how the Mirai malware infects Internet of Things (IoT) devices and harnesses their computer power to launch DDoS attacks.

Activity 11

Timing: Allow about 15 minutes
  • a.You may not have met denial-of-service attacks. If not, you should visit Section 3.4 of OpenLearn’s Network security [Tip: hold Ctrl and click a link to open it in a new tab. (Hide tip)] course and read the explanation about DoS attacks. Then visit How to Survive a Botnet Attack (also on OpenLearn) and watch the animated tutorial about botnets.

    You should open the links in new tabs or windows by holding down Ctrl (or Cmd on a Mac) when you click on the link. Return here when you have finished.

    Briefly explain what denial-of-service attacks and botnets are.

Answer

Denial-of-service attacks prevent the normal use or management of communication services, and may take the form of either a targeted attack on a particular service or a broad, incapacitating attack. For example, a network may be flooded with messages that cause a degradation of service or possibly a complete collapse if a server shuts down under abnormal loading. Another example is rapid and repeated requests to a web server, which bar legitimate access to others. Denial-of-service attacks are frequently reported for internet-connected services.

(OpenLearn, no date)

The term botnet or ‘zombie army’ is used to refer to a number of computer networks that have become infected as a result of malicious third-party software sneaking onto a user’s computer and then linking it to others to send spam to, or steal data from.

(OpenLearn, 2011)
  • b.Now watch Video 2 which briefly explains what the Mirai botnet is. As you watch note down how the botnet attacks a website.

Download this video clip.Video player: Video 2
Skip transcript: Video 2  The Mirai botnet

Transcript: Video 2  The Mirai botnet

[MUSIC PLAYING]

KAT COURTNEY:
Hello, and welcome to another Norton Vulnerability Alert. In October of 2016, we saw the first major outbreak of malware that targets the internet of things. This type of malware can infect multiple types of connected devices, including DVRs, printers, and even connected home appliances. This malware, dubbed the Mirai malware, is the first major threat on connected devices, and it’s evolving quickly.
Mirai was able to gain access to these devices by using the default passwords and usernames that the connected devices shipped with. These infected devices were then used in distributed denial of services attacks by creating a botnet. A botnet is a network of various devices that have been infected with malware and which are controlled remotely. The owner of the botnet can then cause the affected devices to send large amounts of data to a target.
In the case of Mirai, affected devices were instructed to send mass amounts of data to a large website hosting company, which caused many popular websites to be taken offline. Initially, this strain of malware only infected Linux-based systems. However, a version that affects Windows machines has now been discovered, increasing the potential of this threat. While there hasn’t yet been a widespread outbreak of the new Windows variant, it is important to make sure you’re protected in case of such an outbreak.
In addition to maintaining safe browsing practices, you should consider using an internet security programme. Norton Security provides up-to-date protection for your devices. Norton even detects this new version of the Mirai malware.
A good practice in helping to stay protected from these kinds of threats is to change any default passwords that come with the device. Wireless routers, for instance, come with default passwords that anyone can find with a quick search online. Changing these passwords to a unique password can help greatly in protecting yourself and your network.
As mentioned before, Norton Security provides protection from this threat, as well as many others. You can check it out at norton.com. Thanks for watching, and keep an eye out for the next Norton Vulnerability Alert.

[MUSIC PLAYING]

End transcript: Video 2  The Mirai botnet
Video 2  The Mirai botnet
Interactive feature not available in single page view (see it in standard view).
To use this interactive functionality a free OU account is required. Sign in or register.
Interactive feature not available in single page view (see it in standard view).
TM255_1

Take your learning further

Making the decision to study can be a big step, which is why you'll want a trusted University. The Open University has 50 years’ experience delivering flexible learning and 170,000 students are studying with us right now. Take a look at all Open University courses.

If you are new to University-level study, we offer two introductory routes to our qualifications. You could either choose to start with an Access module, or a module which allows you to count your previous learning towards an Open University qualification. Read our guide on Where to take your learning next for more information.

Not ready for formal University study? Then browse over 1000 free courses on OpenLearn and sign up to our newsletter to hear about new free courses as they are released.

Every year, thousands of students decide to study with The Open University. With over 120 qualifications, we’ve got the right course for you.

Request an Open University prospectus371