Semalt Expert: Which Lessons Can We Take From Mirai Botnet Attacks?

KaziFaruk

Presentation Transcript


23.05.2018
https://rankexperience.com/articles/article1649.html

Nik Chaykovskiy, the Semalt expert, explains that botnets, as a major internet threat, require a combination of tactics to defend against enormous traffic volumes. Internet experts recommend a combination of methods to guard against botnet attacks.

Most internet users have probably come across Mirai-inspired headlines. The botnet was launched in late 2016 by unknown online hackers who built an automated collection of internet-linked video recorders and webcams. The botnet, eventually labeled "Mirai," has been the source of DDoS (distributed denial-of-service) attacks on several sites.

Mirai Botnet Timeline

The timeline below shows how the malware became more dangerous and potent over time.

Firstly, Brian Krebs, an investigative journalist, was targeted on 20th of September 2016. The top investigative InfoSec journalist became the target of the largest DDoS attack ever witnessed, at over 650 billion bits per second. The attack was launched by 24,000 Mirai-infected systems.

Secondly, the Mirai source code was released on GitHub on 1st October 2016. On this date, a hacker by the name of Anna-Senpai released the Mirai code online, where it has been downloaded over a thousand times from the GitHub site. As a result, the Mirai botnet spread even further as more criminals started to use the tool to assemble their armies.

Finally, on the 1st of November 2016, Liberia's internet connection was taken down. According to internet security researchers, Mirai was behind the disruption of Liberia's internet connection in early November. The country was targeted because of its single fiber connection, and the Mirai botnet overwhelmed the connection with a traffic flood of over 500Gbps.

Eight Lessons for IT leaders on preventing DDoS attacks

1. Build a DDoS strategy

Any internet user can be targeted by a Mirai DDoS attack, and it is high time to create a more definitive security approach. DDoS mitigation approaches should be superior to a security-by-obscurity plan.

2. Review how the business acquires its DNS services

It is recommended that large enterprises use both DNS and Dyn providers such as EasyDNS and OpenDNS for redundant operations. It is a great tactic in the event of future DNS attacks.

3. Employ anycast DNS provider in the company

Anycast denotes communication between one sender and the closest receiver in a group. This approach can spread the requests of an attacking botnet across distributed networks, decreasing the burden on specific servers.

4. Check routers for DNS hijacking

F-Secure, a cybersecurity company, provides a free tool for detecting any changes in a router's DNS settings. All home routers accessing a corporate network should be checked regularly to prevent DDoS attacks.

5. Reset default factory passwords on network equipment

Unchanged default factory passwords permit Mirai to gather multiple endpoint IoT routers and webcams. Again, the F-Secure tool is used in this operation.

6. Reboot routers

Rebooting eliminates the infection since Mirai is memory-resident. However, rebooting is not a long-term solution since criminals use scanning techniques to re-infect routers.

7. Get network forensics

This entails capturing the attack traffic to establish potential hackers of a company's network. Thus, companies should have a monitoring tool in place.

8. Consider hiring a CDN provider's services to handle peak traffic

Historical patterns assist in determining if web servers are experiencing additional load balancing or are stretched too thin. A CDN can improve performance.
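
The regular check of router DNS settings described in lesson 4 can be sketched as a comparison of each router's reported resolvers against an approved list and against the previous audit. This is an added example, not part of the original presentation and not the F-Secure tool; the router names, snapshot data and approved resolver list are constructed and use documentation-range addresses.

```python
import ipaddress

# Assumption: resolvers the organisation has approved (documentation-range addresses).
APPROVED = {"192.0.2.53", "2001:db8::53"}

# Constructed sample data: DNS servers each router reported at two audit times.
SNAPSHOTS = {
    "branch-rtr-01": {"previous": ["192.0.2.53", "2001:db8::53"],
                      "current":  ["192.0.2.53", "2001:DB8:0:0::53"]},
    "home-rtr-17":   {"previous": ["192.0.2.53"],
                      "current":  ["203.0.113.66", "192.0.2.53"]},
    "home-rtr-22":   {"previous": ["192.0.2.53"],
                      "current":  ["192.0.2.53", "not-an-ip"]},
}

def normalise(entries):
    """Canonicalise addresses so equal resolvers compare equal; collect bad entries."""
    good, bad = set(), []
    for raw in entries:
        try:
            good.add(str(ipaddress.ip_address(raw.strip())))
        except ValueError:
            bad.append(raw)
    return good, bad

def audit_router(previous, current, approved=APPROVED):
    """Return findings for one router: unapproved, added, removed, unparseable."""
    approved_set, _ = normalise(approved)
    prev, _ = normalise(previous)
    cur, bad = normalise(current)
    return {
        "unapproved": sorted(cur - approved_set),  # resolver outside the approved list
        "added": sorted(cur - prev),               # appeared since the last audit
        "removed": sorted(prev - cur),             # disappeared since the last audit
        "unparseable": bad,                        # entry that is not an IP address
    }

def audit_all(snapshots):
    """Audit every router; keep only those with something to investigate."""
    report = {}
    for name, snap in snapshots.items():
        findings = audit_router(snap["previous"], snap["current"])
        if any(findings.values()):
            report[name] = findings
    return report

if __name__ == "__main__":
    for router, findings in audit_all(SNAPSHOTS).items():
        print(router, findings)
```

Addresses are canonicalised before comparison, so a resolver written in a different but equivalent IPv6 form is not reported as a change.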
