IBM X-Force: Mirai is increasingly targeting enterprise IoT devices

IBM X-Force: Mirai is increasingly targeting enterprise IoT devices
Ryan is an editor at TechForge Media with over a decade of experience covering the latest technology and interviewing leading industry figures. He can often be sighted at tech conferences with a strong coffee in one hand and a laptop in the other. If it's geeky, he’s probably into it. Find him on Twitter: @Gadget_Ry

Researchers from IBM X-Force have found variants of the infamous IoT botnet Mirai are increasingly targeting enterprise devices.

Mirai caused havoc in 2016 when it was used to flood DNS provider Dyn with unprecedented amounts of traffic. Dyn’s downtime impacted some of the world’s most popular services including Twitter, Spotify, PlayStation Network, GitHub, Netflix, and Soundcloud.

There are more than 60 known variants of Mirai. Typically, these variants have sought to infect easily hackable devices like cheap security cameras using default passwords.

IBM’s security team, X-Force, has documented a large uptick in Mirai activity. A particular spike was noted in November 2018, while activity has doubled between Q1 2018 and Q1 2019.


Mirai is advancing beyond cheap consumer IoT devices into the big leagues. Enterprise devices including those used for manufacturing, healthcare, inventory tracking, and more are now at risk.


The number of IoT devices being deployed is rapidly increasing, and the risk along with it. IDC forecasts there will be 41.6 billion connected IoT devices generating 79.4 zettabytes of data in 2025.

In a blog post, IBM researchers wrote:

“Historically, simpler internet of things devices such as routers and CCTV cameras were most affected, but recent IBM X-Force data indicates that threat actors are increasingly targeting enterprise devices.

The attack landscape has been saturated with attacks against IoT devices since the Mirai botnet was discovered back in 2016.”

Beyond the potential to steal information or disrupt operations, botnets are being increasingly used to mine cryptocurrencies. In March, IBM X-Force found a Mirai-like botnet aimed at enterprise IoT devices that were seen dropping cryptocurrency miners and backdoors onto affected devices.

According to X-Force’s research data, Mirai and its variants are by far the most popular malware to hit enterprise networks in 2019 to date. The next Dyn-like attack feels just a matter of time, and it will likely make what came before it appear minuscule. in hearing industry leaders discuss subjects like this? Attend the IoT Tech Expo World Series events with upcoming shows in Silicon Valley, London, and Amsterdam.

View Comments
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *