Short Bytes: Internet of Things are constantly being targeted by attackers to get the better off of the companies or individuals. CCTV surveillance cameras are generally preferred for the purpose. Make sure you do not come under the attack of CCTV botnet.
There are a number of instances reported every day where either a big company or individuals are targeted by the black hats. But, for quite some time now, IoT or Internet of Things have become the attackers’ fetish, and in that too it is the loosely protected surveillance cameras that catch the hackers’ eye the most.
An artist was arrested a few months back for hacking into the surveillance system of a dreary town and made an album for himself in a year!
Now Incapsula security researchers have reported that their client was under a severe botnet attack by repeated HTTP GET flood attacks, peaking at around 20,000 RPS (request per second). As they went through the attacking IPs, they found that some of those unsecured cameras in the botnet were installed in their own backyards and the mall in front of their office!
The traffic originated from about 900 hacked CCTV cameras from around the world which had weak login SSH, Telnet passwords and those whose security was held ransom due to the default passwords. One thing that needs a special mention here is Shodan, a hacker search engine that stags all the IoTs in the world.
Now, as Incapsula reported that most of the compromised CCTV cameras ran on BusyBox, a version of Linux built specifically for IoT devices. And these cameras were attacked with .btce malware which is designed for the BusyBox systems. Some of the devices were even launched with HTTP Get flood DDoS attacks.
In 2014, there were about 245 million surveillance cameras operational worldwide. And that’s just a reported number, the actual figures could be way higher than this. In fact, there are cities like Beijing that are under the Skynet of surveillance cameras which can become easy targets for hackers.
So, if you too have any camera installed at your home or office or use connected electronic systems, then do not forget to ensure their security first so that you do not come under the attack of CCTV botnet.
Have anything to add? Tell us in comments below.