In this digitalized era, malicious computer code can propagate around the world faster than even the most infectious disease.
Late last week, those behind a new kind of harmful computer code, known as malware, released it publicly for anyone to use. Dubbed Mirai, the malware lodges in vulnerable devices that are connected to the internet– routers, closed circuit cameras and refrigerators.
Those using the malware can harness such devices – commonly left running around the clock – to launch powerful attacks to knock websites off line. For an attack on the website of a well-known security journalist, the malware reportedly amassed an army of one million hacked devices to disable the site.
The newly released Mirai malware spread like wildfire. A British security consultancy, Malware Tech, mapped the spread using its network of 500 servers that emulated the devices commonly targeted by Mirai and provided a time lapse of the spread around the world.
Much of the malware is lodged on closed circuit, or CCTV, cameras, the consultancy said in a blog posting. The malware logs on to the devices using a set list of “62 horribly insecure default passwords,” the blog said, gaining access because many owners don’t customize their own passwords.
“If you went out and bought one of the CCTV cameras Mirai targets and puts it online, it would be infected in less than 5 minutes,” @MalwareTechBlog said in a tweet Tuesday.
The explosive spread of Mirai offers a sign of possible pending dangers as technology spreads into everyday objects in what is known as the “Internet of Things,” analysts said.
“It’s definitely time that manufacturers stopped shipping devices with global default passwords and switch to randomly generated passwords displayed on the bottom of the device,” the Malware Tech blog posting said.
Tim Johnson: 202-383-6028, @timjohnson4