Don't you hate it when one loud co-worker at the office takes all the credit and keeps the rest of the team out of management's eye? Welcome to the world of Internet of Things (IoT) malware, where several families do their malicious worst — only to hear IT professionals droning on about Mirai, Mirai, Mirai.
Don't be misled: Mirai is still out there recruiting low-power IoT devices into botnets, but it's certainly not the only piece of malware you should be aware of. Mirai wasn't even the first of the big-name IoT baddies — that distinction goes to Stuxnet — but the sheer size of the attacks launched using the Mirai botnet and the malware's dogged persistence on devices around the world have made it the anti-hero poster child of IoT security.
Mirai has continued to grow through variations that make it a malware family rather than a single stream of malware. And it's not alone: Malware programmers are much like their legitimate software development counterparts in their programming practices and disciplines, making code reuse and modular development commonplace. Each of these can make it tricky to say whether a bit of malware is new or just a variant. Regardless, security professionals have to stop all of them.
This latest list of IoT miscreants doesn't limit itself to botnets. You'll also find data wipers, cryptominers, and data capture clients. And if there's one thing cybersecurity professionals can count on, it's that malware authors will continue to apply their creativity and programming skills to new forms of criminal code that will be unleashed on the IoT.
What kind of malware are you dreading most? And what kind do you think will all but disappear in the coming years? Share your thoughts with the Dark Reading community in the Comments section, below.
(Image: peshkov VIA Adobe Stock)