
Giant CCTV Camera Botnet Highlights IoT Security Threats



Researchers have uncovered an unusual botnet made up entirely of Internet-connected CCTV cameras, in the latest sign of the security risks posed by the “Internet of Things” (IoT).
The incident recalls a similar case last autumn in which a computer security firm found that a botnet made up of 900 CCTV cameras was launching an attack on an unnamed cloud services provider.



Giant botnet

But in this case the attack network was much larger, launching malicious data from more than 25,000 unique Internet addresses, according to computer security firm Sucuri.
The attack came to light when Sucuri was contracted to protect the website of a bricks-and-mortar jewellery shop that had been knocked offline by a denial-of-service attack, according to Daniel Cid, founder and chief technology officer of the company.

After Sucuri had blocked the attack, they found that instead of giving up, the attackers increased the intensity of the barrage from 35,000 HTTP requests per second to 50,000 requests per second, Cid said in an advisory.

“Since this type of long-duration DDoS is not so common, we decided to dive into what the attackers were doing, and to our surprise, they were leveraging only IoT CCTV devices as the source of their attack botnet,” he wrote.
He said it was the first time the firm had come across an entirely CCTV-based botnet of that scale.

Worldwide distribution

Sucuri found that at least 25,500 devices were being used to launch the attack, with 24 percent located physically in Taiwan, followed by the US with 12 percent, Indonesia with 9 percent, Mexico with 8 percent and Malaysia with 6 percent.
The devices were located across a total of 95 countries, and all were based on BusyBox, a Unix utilities package that often runs on embedded devices, Cid said.

Sucuri said it is contacting the network providers hosting the devices’ Internet addresses to help fix the issue, but botnets are notoriously difficult to dismantle due to their diffuseness.
“If you are an online camera user or vendor, please make sure it is fully patched and isolated from the Internet,” he wrote.
Last autumn computer security firm Incapsula said it had seen a 240 percent increase in malicious traffic on its network in March of 2014, most of it originating from compromised CCTV cameras.

Security camera risk

Internet-connected CCTV cameras are one of the most vulnerable IoT devices, according to Incapsula, due in part to the large number deployed.
About 245 million professionally installed surveillance cameras were operating worldwide last year, according to figures from research firm IHS Technology, but Incapsula estimated there are “millions” more that have been set up on an ad-hoc basis.

Research firm IDC anticipates there will be more than 28 billion IoT devices installed by 2020.
Incapsula said last October it had found a CCTV-based botnet made up of about 900 devices that were being used to launch denial-of-service attacks, all of which were, like the network found by Sucuri, running BusyBox.

Incapsula found that the devices had been easy to hack because they had all used the factory default login credentials. The lack of security meant, unsurprisingly, that the devices involved had, in almost every case, been hacked by several different individuals.

The cameras involved were spread around the world, with particularly large numbers from India (169), Latin America and Eastern Europe. By coincidence, one of the infected devices was located at a shop five minutes from Incapsula’s Tel Aviv offices, the company said.

“We were able to meet with the store owners, show them how their CCTV cameras were abused to attack our clients and help them clean the malware from the infected camera’s hard drive,” wrote Incapsula’s researchers at the time. “As we did, we witnessed it coughing out attacking requests up to the very last moment.”
A study released last year found that up to 68 percent of IT professionals believe business efficiency requirements are forcing their organisations to adopt IoT devices in spite of the security risks.
