By Anthony Giandomenico | January 14, 2019
Malware is becoming increasingly destructive. Below is a short history of this trend, along with steps organizations can take to combat it.
(This piece originally appeared in SC Media as a bylined article.)
We begin with Mirai, which in the summer of 2016 was responsible for the largest DDoS attack in history. It was built using millions of vulnerable IoT devices and then used to bring down a large chunk of the internet. This began a new ransomware trend in which, rather than attackers having to break in and encrypt devices without being detected, which could take weeks to accomplish, automated botnets composed of hijacked IoT devices executed DDoS-based ransom attacks. Swarms of independent yet centrally controlled devices with no designated user, and often with no OS to patch or update, were especially difficult to combat.
However, the security research community predicted that Mirai was not an end in itself but was primarily launched to test the capabilities of swarms of compromised IoT-based devices. This proved to be right.
Mirai’s successor was the Hajime ransomworm. While Mirai was basically a blunt-force instrument, Hajime included an impressive set of sophisticated cybertools. It was cross-platform, supporting five different platforms, and included a toolkit filled with automated tasks, remotely updatable password lists and the ability to download other malicious code, such as BrickerBot.