Russian Banks Become Latest Victim of Mirai Cyberattacks

mirai botnet russia bank cyberattack
A webcam is positioned in front of a danger sign on June 28, 2013, in Paris. Certain devices are susceptible to being hacked and becoming part of the Mirai botnet. LIONEL BONAVENTURE/AFP/Getty Images

Five top Russian banks were hit by prolonged cyber attacks on Tuesday, believed by experts to stem from the same source that took down large portions of the internet last month.

The websites of the banks were targeted with what is known as a distributed denial of service (DDoS) attack. According to Russian security firm Kaspersky, who first reported the attacks, as many as 24,000 hijacked devices—insecure items such as webcams and smart home appliances—were used to knock the websites offline by flooding them with traffic.

The cyberattacks are the latest in a series of major DDoS attacks that have been carried out by a network of compromised Internet of Things (IoT) devices known as the Mirai botnet. Under the control of hackers, Mirai was able to cause dozens of major websites to go offline in October, including Twitter, Reddit and Netflix.

“It has once again highlighted the issues organizations and sectors now face from [the Mirai] threat,” Paul McEvatt, senior cyber threat intelligence manager at Fujitsu, tells Newsweek in an emailed statement. “The issue is that IoT device manufacturers are failing to implement robust security controls from the outset, whether that’s for routers, smart devices or connected cars.”

McEvatt points to an initiative by the Online Trust Alliance (OTA) to produce a framework for IoT security, which includes the introduction of a kite mark standard for IoT devices. Such devices include smart thermostats, fridges and webcams.

Stephen Love from the security firm Insight says: “It is another indication of the opportunities emerging technology is offering hacktivists. With more devices feeding into a network, more access points are created for hackers—a threat businesses today need to take seriously.”

hacking internet of things ddos mirai Graphic shows the security risks the Internet of Things faces, and how hackers can launch a DDoS attack. Reuters Graphics

Mirai works by scanning the internet looking for particular kinds of devices that have an open communication channel—known as a port—through which it can deliver its infection. According to a recent study by the security firm BullGuard, up to 185 million devices may be at risk of being compromised by Mirai.

Cybersecurity pioneer John McAfee believes the attacks will continue to escalate as more devices are added to Mirai’s network.

“People don’t know if their smart refrigerator or toaster is infected by Mirai, and nor do they really care so long as their appliance is still functioning how it should,” McAfee tells Newsweek. “Ultimately, it has the potential to bring down the entire internet. It’s a fucking disaster.”