ABSTRACT
The Mirai software scans the Internet for certain types of Internet of Things (IoT) devices, for example, a certain type of baby monitor. When it locates such a device, the Mirai software attempts to log in to the device using the manufacturer’s default username and password. The Dyn attack highlights the potential damage caused by security vulnerabilities in any IoT device that is connected to a network—and most IoT devices are. This chapter presents the background necessary to frame the IoT environment and threats. IoT systems often have a similar general architecture, even if they are used in widely different IoT ecosystems and highly varied industries. The chapter discusses the architecture and design principles required to build secure IoT systems. When copycat attackers used Mirai code from Github to attack IoT devices, they were using a known and proven attack method.
