This article talks about the success of the Mirai DDoS botnets that are made up of IoT devices. The software enabling them is publically available, which makes it easier for inexperienced hackers to set them loose. The devices are mostly made up of security cameras, DVRs, and home routers.
An indicator that one of your IoT devices may be infected with Mirai is that the SSH and Telnet ports (22 and 23) are closed. Mirai does that so administrators can’t get in and nobody else can attack the machine in the same way.