Liberians struggling to connect to the Internet have been dealing with DDoS attacks related to a Mirai malware infection, the same botnet-driven cause of several large-scale Internet access disruptions since the open-source malware code was publicly released.
It’s the same type of attack that blocked access to Twitter, Netflix and a host of other sites a few weeks ago, when the Dyn company in the United States – a firm that delivers access to websites through its servers – was brought down by a torrent of overwhelming traffic. That’s the mechanism of a DDoS attack, with an unending flood of illegitimate data requests so that real users can’t get access they need.
Analysts have called Liberia an “unlikely target,” even as they point out that there’s one undersea cable servicing Internet connectivity for the entire country – which creates a single point vulnerable to attack.
But just how prepared is the African continent for Mirai attacks? They’re carried out in part through CCTV cameras, appliances and other devices connected to the rapidly evolving Internet of Things, and that’s one reason why the South African HTXT tech site recently looked at the spread of Mirai in Africa.
On the one hand, at least in South Africa, there were not a lot of connected devices, one CCTV industry provider told HTXT. Yet a real-time map available from security firm Malware Tech shows Mirai popping up in Madagascar, Uganda, Libya, Mauritania – and yes, South Africa as well.
Experts say there’s not yet any real way to avoid having devices targeted, but it’s imperative to make sure your password is as secure as possible against the automated guessing-game that can open your machines to Mirai. So stop using default or generic passwords, and disable remote WAN access.
Security analysts at Imperva Incapsula also offer a tool link to verify that your device is secured against remote access.
“With over a quarter billion CCTV cameras around the world alone, as well as the continued growth of other IoT devices, basic security practices like these should become the new norm,” their team wrote in a blog posted last week. “Make no mistake; Mirai is neither the first nor the last malware to take advantage of lackluster security practices.”
Image: Malware Tech