Over the past few years, cyber-security has become possibly a larger threat compared to physical security. We protect our properties with locks and keys and with security cameras, but never anticipated that they could be used against us.
On Friday Morning, October 21st 2016, a denial of service attack crippled servers across the East Coast causing devastating interruptions and outages. The attacks hit Twitter, Netflix, Spotify, Reddit, and many others- all clients of a domain registration provider called Dyn. The internet attacks powered by everyday devices represent a new era of vulnerabilities in today’s highly connected culture.
A Chinese firm that makes components for surveillance video cameras admits that their security cameras and DVR’s were used to carry out part of the unprecedented strike. Details are now emerging about how the attack occurred. It appears the Mirai-based IoT botnet is responsible.
“Mirai is a huge disaster for the ‘Internet of Things,'” XiongMai representative Cooper Wang told CNNMoney in an email. “[We] have to admit that our products also suffered from hackers’ break-in and illegal use.”
The Mirai-based IoT botnet attacks started a few weeks ago when the most widespread and powerful hacking attempt was reported, which took down several websites. It was unprecedented in size and scale, and was launched from a surprising Launchpad – IP security cameras.
Hackers broke into and hijacked security cameras, and proceeded to install harmful software bots on these cameras creating a vast network of bots, called a botnet. The botnet launched attacks from these cameras to flood websites with unwanted data crashing the sites and denying access to legitimate users. These hacked IP cameras were exposed to the Internet and protected with weak or hard-coded passwords that relied on the end-user or installer for updating.
The attacks started with the a 620 Gbps DDoS that hit Krebs On Security, the website of security researcher Brian Krebs, which was propelled by a botnet of 150,000+ compromised Internet of Things devices, routers, DVRs and security cameras. Krebs believes the hit was likely related in retaliation to an article posted on his blog.
Two concurrent attacks were then launched against French hosting provider OVH, which clocked in at a combined 1.1Tbps, this is larger than any other reported. The OVH founder said that the attack had used IoT devices to mount the attack including hacked CCTV cameras and personal video recorders. “This botnet with 145607 cameras/dvr (1-30Mbps per IP) is able to send >1.5Tbps DDoS. Type: tcp/ack, tcp/ack+psh, tcp/syn,” he tweeted.
These attacks have grown to gigantic proportions, and to make matters worse, the source code for the record-breaking distributed denial-of-service (DDoS) attack, has been released online. This release has increased the attacks from new botnets driven by vulnerable routers, IP cameras, and other quickly hackable devices.
Why should you be concerned?
In a network security environment, each device is a computer complete with IP address, passwords, security configuration settings and often times weaknesses. Poorly configured devices can provide a hacker with the opportunity to gain entry into the network where they can alter or collect data, change settings, take control of the system or completely takeover a physical security system leaving the business unprotected.
In particular, IP cameras offer a remarkably easy entry into the system. IP cameras can become susceptible due to misconfiguration and user error or design flaws, passwords, and firmware. Another weakness of IP cameras is the “set-and-forget” mindset often practiced by the installing dealer and/or the end-user. In other words, your cameras are probably at risk which could lead to the following consequences.
- Your ISP will shut off your internet: Your internet service provider will shut off your internet if your system has a security breach, because you remain at risk of further spreading the attacks. Not having internet access can cripple your business and often damage consumer trust.
- Your Personal Data and Others is at Risk: A simple data breach could put your login credentials and others in the wrong hands. This could have devastating effects on your reputation, job, personal data, and business records.
As more IP cameras and internet connected devices get deployed, these attacks will continue to grow. Your IP cameras are at risk unless you take the necessary steps to secure your security system.
It’s important to act now and find out if you’re vulnerable.