Danger Lurking: Mirai and Botnet Are Terms Auditors Should Know

By | 3 months ago

Uh, oh. Forget the Secret Life of Pets. What about the secret life of your video recorder or router? Am I the only one that is reminded of this scene from Brave Little Toaster?

Just me. Ok.

Internet of Things goes rogue

Sure, it is no secret that lots of devices now have a Wi-Fi enabled minds of their own. What gets tricky is when rather than performing their programmed function, these seemingly innocent devices are infected with malicious code. Infected devices can either seem faulty and temperamental or work just fine — or so you think. You may have no idea you are enabling an attack on the web.

The Wall Street Journal covered one unsuspecting victim’s story this week:

While Bea Lowick’s customers were busy folding clothes last year, the security system at her Carbondale, Colo., laundromat was also hard at work.

Though she didn’t know it, Ms. Lowick’s Digital ID View video recorder was scanning the internet for places to spread a strain of malicious software called Mirai, a computer virus that took root in more than 600,000 devices last year.

Ms. Lowick, 59 years old, said she wasn’t aware the device was doing anything other than acting up. Her remote-viewing app kept disconnecting. She was able to reconnect it by restarting the digital video recorder.

Pay attention, auditors

Sure, auditors are not in charge of internet security, but as IoT devices start to play larger roles in companies, auditors need to be aware of this growing issue too. How do these IoT devices interact with the general ledger and other significant financial data systems? Are there risks we are missing or controls we should be testing?

A layer of additional risk develops when larger companies jump on the Internet of Things bandwagon. The more devices with access to the network, the more complex and vulnerable it will become. PC World says that Mirai “has been found on 500,000 to 600,000 IoT devices at one time or another” and experts in the field estimate about 250,000 to 300,000 IoT devices are still infected with Mirai.

Growing problem

PC World warns that “things could get worse” before they get better. The Mirai virus code was made available publically in late 2016 and now is being modified to infect new devices. Plus, IoT devices are inherently insecure since they are fairly inexpensive.

I am feeling ever so reassured by Paul Vixie, a security engineer, who had this to say at the time the code leaked:

The people who keep the internet running are either at the bar with stiff drinks in their hands or they’re tearing their hair out because there is nothing they can do to stop this

Not.

When devices are directed to band together (called a botnet), they have the power to bring down major websites — think Amazon, Paypal, and Twitter — or other critical systems that could impact your client’s financial reporting. Clients that rely on software as a service (SaaS) accounting information systems are most at risk, from QuickBooks Online to Oracle or SAP.

You have been warned.

Image: Pixabay

Tags