A private network security firm has uncovered a swell of botnet activity with a commonly used device by enterprise and individuals for security – the closed-circuit television camera (CCTV).
As the Internet of Things (IoT) becomes a reality more than a concept, the threat of under-protected connected devices being taken over by an attacker poses a substantial security risk. Security firm Incapsula in a recent report has uncovered a 240 percent increase in botnet related activity with much of it being down to compromised CCTV cameras.
Recent estimates from 2014 peg that there may be as many as 245 million CCTV cameras operating around the world. These numbers take into account the ones installed by professionals. It is beyond doubt that there are millions more installed by the unqualified many who take few precautions when it comes to security. Significantly, a large proportion of these cameras, professionally installed or otherwise still use the default login credentials with owners not resorting to changing usernames and passwords.
Incapsula mentioned a nameless client who were the target of multiple HTTP flood attacks where their servers were being inundated with attacks peaking at 20,000 requests per second by 900 CCTV cameras that repeatedly send requests to a cloud server. Fundamentally, the CCTVs used legitimate URLs while accessing the cloud service website at such a high volume, akin to a brute force attack that the website servers crashed, unsurprisingly.
The attack mentioned in the example also had compromised cameras that were logged in from multiple locations at the same time, meaning a whole network of individual attackers may have hacked the cameras, showing yet again how insecurely connected devices are when they aren’t properly customized with good security practices.
Related article: Smart Refrigerators Leave Gmail Logins Vulnerable to Exploits
What this shows is that vulnerable devices can easily be hacked into by malware tool kits to create a botnet swarm that, even though fundamentally low-tech, can group together to form a crippling botnet server capable of brute force attacks capable of taking down ante websites.
IoT may be the future but unless enterprise and even individuals employ better security practices, there will be more vulnerable devices in our homes and offices for attackers to take control of.