Symantec Security Response

What you need to know about the Mirai botnet behind recent major DDoS attacks

A distributed denial of service attack (DDoS) on DNS provider Dyn last week managed to disrupt an array of the internet’s biggest websites, including Spotify, Twitter, and PayPal.

What was most interesting about this attack was that it was largely carried out using an Internet of Things (IoT) botnet called Mirai (Linux.Gafgyt).

Q: How does Mirai work?

A: Mirai works by exploiting the weak security on many IoT devices. It operates by continuously scanning for IoT devices that are accessible over the internet and are protected by factory default or hardcoded user names and passwords.

Q: What devices are at risk of exploitation/infection?

A: Routers, DVRs, CCTV cameras, and any other ‘smart’, internet-connected appliances are at risk of attack.

Q: How are device manufacturers responding?

A: The Chinese electronics firm behind many of the webcams used in the attack on Dyn’s services, XiongMai Technologies, issued a recall for many of its devices following the attack.

Q: Can a Mirai infection be removed?

A: Devices that become infected with Mirai can be cleaned by restarting them. However, due to constant scanning for devices by the botnet, vulnerable devices can become re-infected within a matter of minutes of going back online unless the default credentials are changed.

Q: What can I do to protect my devices and prevent them from becoming infected?

A: Symantec Security Response has the following tips to protect your IoT device from becoming infected with malware.

• Research the capabilities and security features of an IoT device before purchase

• Perform an audit of IoT devices used on your network

• Change the default credentials on devices. Use strong and unique passwords for device accounts and Wi-Fi networks

• Use a strong encryption method when setting up Wi-Fi network access (WPA)

• Disable features and services that are not required

• Disable Telnet login and use SSH where possible

• Disable Universal Plug and Play (UPnP) on routers unless absolutely necessary

• Modify the default privacy and security settings of IoT devices according to your requirements and security policy

• Disable or protect remote access to IoT devices when not needed

• Use wired connections instead of wireless where possible

• Regularly check the manufacturer’s website for firmware updates

• Ensure that a hardware outage does not result in an unsecure state of the device
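One way to carry out the audit and Telnet tips above on your own network, as an added example that is not from Symantec or the original article: it probes each device in an inventory you supply and reports any that still answer on a Telnet port. Assumptions: the port list (23 is standard Telnet, 2323 is assumed here as a common alternate), the device names, and the constructed RFC 5737 documentation addresses.

```python
import socket

TELNET_PORTS = (23, 2323)  # assumption: 23 is standard Telnet, 2323 a common alternate
IAC = 0xFF                 # Telnet "Interpret As Command" byte (RFC 854)

def classify_banner(data):
    """Classify the first bytes a service sends after connect (None = unreachable)."""
    if data is None:
        return "closed"
    # Telnet servers usually open with IAC + WILL/WONT/DO/DONT (251-254) + option.
    if len(data) >= 3 and data[0] == IAC and data[1] in (251, 252, 253, 254):
        return "telnet"
    text = data.lower()
    if b"login" in text or b"password" in text:
        return "telnet-likely"  # plain-text login prompt without option negotiation
    return "open-unknown"       # something listens, but it does not look like Telnet

def probe_tcp(host, port, timeout=2.0):
    """Return the first bytes sent by host:port, b"" if silent, None if unreachable."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            s.settimeout(timeout)
            try:
                return s.recv(64)
            except socket.timeout:
                return b""
    except OSError:
        return None

def audit(inventory, probe=probe_tcp):
    """Return (name, host, port, verdict) for every listener found on a Telnet port."""
    findings = []
    for name, host in inventory:
        for port in TELNET_PORTS:
            verdict = classify_banner(probe(host, port))
            if verdict != "closed":
                findings.append((name, host, port, verdict))
    return findings

if __name__ == "__main__":
    # Constructed inventory (documentation addresses); replace with your own devices.
    devices = [("dvr-lobby", "192.0.2.10"), ("cam-dock", "192.0.2.11")]
    for name, host, port, verdict in audit(devices):
        print(f"{name} {host}:{port} -> {verdict}: disable Telnet, change default credentials")
```

Any device reported as `telnet` or `telnet-likely` is a candidate for the "disable Telnet" and "change the default credentials" steps; `open-unknown` means the port should be identified before deciding.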

For more information or to speak to a Symantec spokesperson please contact Veronica Rojo at or visit the Symantec Security Response blog post available here.


© Scoop Media
