Jun 19 2019

How the FBI Investigated and Dismantled the Mirai Botnet

In September 2016, the Mirai botnet attack turned Internet of Things devices running on the ARC processor and the Linux OS into bots that could be used as part of a botnet in large-scale network attacks. The malware lurked on fringe social media channels and blogs, eluding FBI agents until it became one of the largest and most disruptive distributed denial of service (DDoS) attacks. 

FBI Special Agent Elliott Peterson and FBI Supervisory Special Agent William Walton detailed the scope of the attack, including the number of companies who had no idea their devices were even compromised, how the FBI eventually neutralized the bad actors and the IT conversations they recommend companies have now to prevent damage from future DDoS attacks.  

View our coverage from RSA Conference 2019 to gain more insight into how the conversation on cybersecurity is growing and evolving.


    • Special Agent Elliott Peterson, FBI 
    • Supervisory Special Agent William Walton, FBI


Video Highlights

  • The Mirai malware attack in September 2016 not only hit quickly and violently, but seemingly came from nowhere and lurked on fringe channels the FBI was least likely to monitor.
  • Despite the FBI's quick actions to attribute and neutralize the threat, companies lost hundreds of thousands in revenue when the denial of service attack downed networks. 
  • The FBI recommends companies safeguard against future malware hacks by knowing and securing every device on their network, as well as consulting with IT services on security protocol before an attack occurs.