By Yohai Einav, Hongliang Liu
It's been 18 months since Mirai entered our lives, and, unfortunately, we expect it to have a perennial presence in our cyber-world for years to come. If we look at the big picture, all indicators suggest that the Mirai problem (and its descendants) is just going to increase, with the growing number of IoT devices in the world and the improvement in IoT hardware (which makes them a more enticing opportunity for attackers - better computing power means a potential for more advanced attacks) being two primary reasons.
This makes Mirai research more urgent, and subsequently, makes DNS-based security more important. There are very few points in time when you can stop Mirai, and blocking its C&C communications in the DNS layer is one of the most effective ways (blocking C&C communications disrupts the bots' ability to receive commands and turn them into less-harmful zombies).