Mirai botnet attack

Name
Mirai botnet attack
Tracking Number
2016-021
First Publish Date
04-Oct-16
Date of Current Status
13-Oct-16
Next Planned Update
N/A
Description
A recent Distributed Denial of Service (DDOS) attack has been attributed to the Mirai botnet which harnesses Internet of Things (IoT) devices and other network devices to send massive amounts of data to targeted sites for purposes of forcing them offline.
What You Need To Know?
A report on the attack by Brian Krebs lists a number of different IoT devices and their default administrative passwords that are thought to have been involved in the attack. Xerox is mentioned in the list.
What is Xerox Doing About This?
Xerox has studied the botnet source code and determined that it cannot successfully attack any Xerox device. The two services the botnet uses, telnet and SSH, to open a command line are not supported.
Impact
Xerox devices may be targeted but cannot be successfully attacked. See below for recommendations on what you can do to prevent your Xerox device from being controlled by unauthorized individuals.
What Should You Do?
  • Don’t connect your Xerox device directly to the public Internet. Make sure it’s behind a firewall or router so that only you and your users have access to it. This keeps outsiders from accessing the machine and interrupting your business. Please check with your IT department if you’re unsure.
  • Don’t leave the administrator’s password set to the default. Change it so that unauthorized individuals can’t easily guess it and take control.
  • Choose a password that is at least 8 (eight) characters in length with a combination of letters, numbers and special characters.
  • Never share the administrator’s password with anyone who does not have a legitimate need to know.