The Federal Bureau of Investigation(FBI) has put companies operating in the whole of US on a high cyber security alert from a new malware threat. The newly released virus has already shown its aptness by disrupting a large segment of the internet in the United States last month.
However, the domestic intelligence and security service of the United States says that the nasty ordeal hasn’t ended yet and will follow if companies fail to take proper precautionary measures.
On October 21st,2016, a Distributed Denial of Service attack was launched on a web service provider called Dyn. The group behind this attack, which was likely backed up by Russia explored the vulnerability of inter-connected devices known as Internet of Things to create a repulsive damage.
After reviewing the situation and the act of cyber attack, FBI issued the following statement late in the evening yesterday.
“The exploitation of the IoT to conduct small to large scale attacks on the private industry hasn’t ended and will continue due to the open availability of the malware source codes for targeting IoT devices and insufficient IoT device security”, stated a spokesperson from FBI’s task force.
The cyber attack on the domain name service hosting company called Dyn created a huge cyber disaster as more than 80 websites crashed in at least two waves of attack propelled by Mirai malware.
FBI’s detailed inquiry revealed that two major cyber attacks using the same malware and botnets knocked out a security blog and a gaming server in September this year.
According to security analysis, Mirai malware has the potential to use a list of 62 common used usernames and passwords, mostly defaults provided by the manufacturers to scan the internet for vulnerable connected devices.
Mirai malware developers have also disclosed on Twitter that the hijacking software has already taken over 380,000 devices which were mostly used by Kerbs on security attack.
Early this year, the French web hosting service OVH was also put down by Mirai Malware.
Now, a variation and proceed of Mirai known as Bashlite is under circulation which has the potential to engage in similar cyberattacks that exploit weaknesses of government websites, especially those serving the direct public.
Mirai’s succeeded bashlite has the potential to overload DNS servers will millions of request at a time and can also sneak into any network to spread malware like ransomware. If at all this happens, then FBI claims that the damage from the cyber attacks will be unmanageable.
According to Dyn security officials, Mirai source code has the capability to take control of a large number of electronic devices such as CCTV cameras, DVRs, smart TVs, routers, and smartphones. Particularly this botnet shows hyperactive signs on Linux OS loaded devices which are an open source running software.
FBI has warned that all government and private agencies should take precautionary measures either to isolate themselves from this malware or to keep the damage to the minimum. The federal agency is recommending companies take backup of data and has asked to keep all sensitive files and proprietary data in separate locations.
Firewalls can also minimize the risk as they have full potential to prevent Denial of service attacks and increase security for devices running on Internet of Things.
FBI’s spokesperson Raushaunah Muhammad said that the notice of FBI is a part of FBI’s public-private partnerships.