The Mirai worm is gnawing its way through the Internet of Things and will not stop


The Mirai worm made its way into information security lore in September, when it was identified as the source of the punishing flood of junk traffic launched against Brian Krebs in retaliation for his investigative reporting about a couple of petty Israeli criminals; subsequent analysis showed Mirai to be amateurish and clumsy, and despite this, it went on to infect devices all over the world, gaining virulence as it hybridized with other Internet of Things worms, endangering entire countries, growing by leaps and bounds, helped along by negligent engineering practices at major companies like Sony.

Lily Hay Newman's Wired article on Mirai provides some much-needed context into Mirai's past and future, and makes a persuasive case that IoT worms are going to get a lot worse before it has any hope of getting better.


Mirai will ultimately be a "transient threat" in the broader landscape of IoT security, as a report published this week by the Institute of Critical Infrastructure Technology notes. Hackers get bored with shiny new toys just like anyone, and eventually the IoT industry will erode Mirai's vulnerable device population.

That's not going to happen in the near future, though. Mirai already has enough fodder to sustain it for years—and more susceptible products roll off of assembly lines every day. As the report adds, Mirai "has inspired a renaissance" in IoT vulnerability exploitation. In the meantime, expect more mayhem.

"Who knows what's going to actually come up before the end of the year," Digital Shadows' Holland says. "Mirai is certainly not going away any time soon."

The Botnet That Broke the Internet Isn't Going Away [Lily Hay Newman/Wired]