Hackers iterate constantly and at a frightening rate. Whenever a new piece of malware finds success, a million imitators and successors will pop up. The marketplace of ideas guarantees that the most successful of these variants will rapidly spawn offshoots of their own. We’ve seen this in the rise of ransomware, and now we will see it in the rise of botnets like Mirai.

When Mirai struck the internet this October, it was the largest DDoS attack ever recorded. It achieved a throughput of 1.2 Tbps by leveraging the potential of hundreds of thousands of insecure IoT devices. A troubling fact to consider is that Mirai also spawned the third-biggest DDoS attack earlier in September, bringing down Krebs on Security with traffic equivalent to 665 Gbps. In short, the more recent attack already represents an iteration of Mirai’s capabilities—what are we about to see next?

An Open-Source Menace

One of the most compelling reasons that we’re about to see a surge in Mirai-descended malware is the fact that it is now open-source. Anyone who’s motivated to create a large-scale internet outage is now free to tinker with Mirai’s design. In fact, we’re already seeing iterations that might push the capabilities of this virus even further.

A new cousin of Mirai is known to security researchers as Linux/IRC telnet. Like Mirai, it massively automates the process of finding, infecting, and controlling IoT devices. This new malware actually takes its cues from two different sources. Its source code isn’t based on Mirai itself—rather, it’s a revision of Aidra, a botnet that was found infecting routers, modems, and DVR devices as far back as 2013.
From Mirai, it takes a list of login credentials representing the hard-coded admin passwords for newer and more vulnerable IoT devices such as webcams.

Internet Outages Are Now a Public Safety Issue

The thing to take away from the Aidra revision is that the 2013 edition was not particularly deadly. Per the original report, it was only designed to infect a rather small category of devices. By incorporating data from Mirai (which basically compromises the entire product range of an IoT chip manufacturer), the authors of Linux/IRC telnet have a much larger attack surface to choose from.

DDoS attacks are already common, but botnet malware that’s based on Mirai’s design philosophy has the potential to change the game. Open-source versions of Mirai give any random script kiddie the potential to whip up a massive robot army from unsecured IoT devices and then cause internet outages at will.

As our world becomes more networked, these abilities become more and more dangerous. Recently, two apartment complexes in Finland found themselves without heating when unknown hackers conducted DDoS attacks on their networked thermostats. This may seem benign, until you remember that winter in Finland produces subzero temperatures starting in mid-October. Unheated buildings in those conditions pose a hazard to their residents. The time is coming when a DDoS attack will kill.

Businesses, Manufacturers, and Governments Must Fight Botnet Proliferation

Aidra isn’t the only mutant version of Mirai that’s achieved notoriety in recent weeks. A more directly-descended variant knocked over 900K German users offline in mid-November. This particular version added a new category of insecure routers to its infected targets, and was so aggressive that it didn’t even need a persistence mechanism.
Rather, it had the ability to re-infect a vulnerable device within ten minutes of it being reconnected to the internet.

There isn’t going to be a quick cure for IoT botnet proliferation—the toothpaste is out of the tube. To begin mitigating this epidemic, businesses, regulators, and manufacturers all need to work together. Manufacturers need to construct more resilient IoT products, businesses need to enforce proper hygiene on IoT devices, and regulators need to create a compliance regime for both users and manufacturers to follow.

The solution isn’t likely to be easy, but the alternative is worse. To keep abreast of all the news in this space and create a proper endpoint protection strategy, download this white paper: Industrial Control Systems Under Threat: Preventing the Next Stuxnet.