The U.S. Department of Homeland Security has issued a warning to owners of certain Sierra Wireless products. The devices are thought to be a target of Mirai, a piece of malware that has been steadily amassing a vast botnet over the past several months.
Mirai has largely been targeting Internet of Things devices, preying on the fact that many users leave their administrator login and password set to factory defaults. The Sierra Wireless products being affected are the LS300, the GX400, the GX/ES440, the GX/ES450, and the RV50, according to Hot For Security.
However, the alert issued by the Department of Homeland Security confirms that the issue is not a hardware or software vulnerability related to these devices. Users are advised to reboot the hardware, then follow steps to change their password to something more secure.
It is believed that the Mirai botnet was used in a major DDoS attack against security expert Brian Krebs. In September, Krebs reported that the source code for the malware had been made publicly available online, which may well be the root of recent attacks on Sierra Wireless hardware.
The Mirai botnet grows more powerful with every new device added to its ranks, so it is crucial as many users as possible are alerted to the straightforward process of securing their hardware. That is why the Department of Homeland Security saw fit to issue an alert, even though a relatively small sector of people will be affected.
A powerful botnet being operated by an unknown entity is a scary prospect, but fortunately it seems that hardware can be removed from its grasp fairly easily. If you own hardware that is susceptible to Mirai, make sure that you have taken the proper measures to keep it secure — in most cases, all it takes is a hard reset and a non-default password.
