RANSOMWARE TRACKING MAPS

Recent problems experienced with Ransomware are evident from infections, which have occurred in 99 countries including China and Russia. The organization that was worst hit by the attack was the National Health Service in England. It was reported that there was a WannaCry programme that demanded...

A New CCTV Nightmare: Botnets And DDoS attacks

Botnets and DDoS Attacks

There’s just so much that seems as though it could go wrong with closed-circuit television cameras, a.k.a. video surveillance. With an ever-increasing number of digital eyes on the average person at all times, people can hardly be blamed for feeling like they’re one misfortune away from joining the ranks of Don’t Tase Me, Bro, esteemed internet celebrity.

However, if you think viral infamy is your worst-case scenario when it comes to CCTV, think again. Keep reading to find out why CCTV cameras and other internet-connected items are open to being hijacked by hackers looking to do DDoS damage, and about the bizarre case of the CCTV botnet located at a mall five minutes from a professional DDoS mitigation service.

The internet of issues with the Internet of Things

CCTV cameras belong to the Internet of Things (IOT), a grouping of, well, things that are linked through both wired and wireless networks, often using the same internet protocol as the internet. They’re embedded with network connectivity, electronics, sensors and software that allow them to collect data and exchange data. Pacemakers, smart thermostats and microchips in animals are all examples of the items that make up the Internet of Things.

bot-net
The Internet of Things is actually very cool. It minimizes the gap between the physical world and computer-based systems. It’s what allows you to turn on your smart washing machine from the office, or lock your front door from the train. Here’s the issue with the Internet of Things, though. Your laptop is connected to the internet, so you’ve secured it. Same for your phone, tablet, probably your router, and any other number of internet-connected devices you use on a daily basis. You wouldn’t leave those open to exploitation, allowing just anyone to hijack and control them.

The Internet of Things is designed to be remotely controlled across network infrastructure. Read that again. These items are designed to be remotely controlled. And yet, how many of those cow microchips do you think are secured? How many smart TVs? How many of the 245 million surveillance cameras that are installed worldwide? (And that’s only counting the professionally installed surveillance cameras. Imagine how many do-it-yourself cameras are out there with even less security.)

Hijacking horror stories

You’ve probably already read about the downside of the Internet of Things, you just may not have realized it. One of the most high-profile instances of this is the recent stories about baby monitors being hacked, with grown men screaming at babies in the dead of the night.

cloud-security-attacks-vendors

(Image Source: Shutterstock)

As you can imagine, the potential for foul play with the Internet of Things is extensive. This is what’s led to the creation of CCTV botnets, which have been behind a number of DDoS attacks. By gaining control of internet-connected devices, attackers are able to direct those resources at a target website or other internet service, overwhelming it with malicious traffic and either driving it offline, or slowing it down enough to be unusable for legitimate users.

The consequences of a DDoS attack are many and dire. Not only will a website that’s not working drive users away and erode consumer trust, but a DDoS attack can also cause hardware damage, software damage, and can act as a smokescreen while attackers steal intellectual property, customer information, and financial data. And in terms of dollars and cents, an unmitigated DDoS attack can cost an organization a staggering $40,000 per hour.

From a virtual battlefield to a physical one

CCTV botnets weren’t anything new to professional DDoS mitigation providers Imperva Incapsula. In fact, they first publicly warned about them in March of 2014 when a steep increase in botnet activity largely traced back to CCTV cameras.

However, it was a slightly different ballgame when Imperva Incapsula began to mitigate repeated HTTP flood attacks on one of their clients. The DDoS attack itself was nothing special – peaking at 20,000 requests per second, no big deal for professional DDoS mitigation – however when Imperva Incapsula began looking through the attacking IPs, they discovered something curious. Some of the botnet devices were located right near their office.

Bot-CCTV

Geo-location of CCTV Botnet devices (Source: Imperva Incapsula)

Further detective work revealed that the botnet devices in question were CCTV cameras that were accessible to attackers through the devices’ default login credentials. Imperva Incapsula employees took a look through the camera lens and recognized a mall not five minutes from their offices. In a stark departure from a normal day spent fighting the evils of the internet, employees were able to head over to the mall and explain to the camera owners in-person what had happened, why it happened, and help them clean the malware from their cameras.

Lessons that need to be learned

What you need to learn from these Internet of Things incidents is two-fold. Firstly, if you have internet-connected devices like smart TVs, washing machines, thermostats, precision farming equipment, anything, they need to be secured. Even if you for some reason did not care if your devices were being used in a botnet to carry out DDoS attacks, rest assured that if attackers can hijack your devices for DDoS attacks, they can take control of them for other reasons. This is an especially frightening thought when it comes to nanny cams and other monitoring devices in your home.

The second lesson that needs to be learned in all of this is for website owners. The Internet of Things is already massive and it’s estimated by Gartner that by the year 2020, it will be comprised of over 25 billion devices. That is billions of devices that could potentially be used in DDoS attacks against websites just like yours.

Professional DDoS protection is already a necessity, and it’s only going to continue to become a bigger necessity. Professional DDoS mitigation services may not be able to protect you from the prying eyes of a CCTV camera during your most embarrassing moments, but they can protect your website, your users, your equipment, your intellectual property, and your finances from CCTV and other Internet of Things botnets.

By Naomi Webb

About CloudTweaks

Established in 2009, CloudTweaks is recognized as one of the leading authorities in cloud connected technology information and services.

We embrace and instill thought leadership insights, relevant and timely news related stories, unbiased benchmark reporting as well as technology related infographics and comics.

SYNDICATED NEWS SOURCES

(ISC)2 and Cloud Security Alliance Host Cloud Security Summit to Help Cybersecurity Pros Securely Harness Cloud Technologies

By CloudBuzz | September 22, 2017

(ISC)2 and Cloud Security Alliance Host Cloud Security Summit Research cites strengthening of cloud security skills top priority over next three years CLEARWATER, Fla. ,Sept. 22, 2017 /PRNewswire-USNewswire/ — (ISC)² today announced it’s partnering with the Cloud Security Alliance (CSA) for the CSA…

Exclusive: T-Mobile, Sprint close to agreeing deal terms – Sources

By CloudBuzz | September 22, 2017

(Reuters) – T-Mobile US Inc (TMUS.O) is close to agreeing tentative terms on a deal to merge with peer Sprint Corp (S.N), people familiar with the matter said, a major breakthrough in efforts to merge the third and fourth largest…

Hack of U.S. securities regulator rattles investors, stirs doubts

By CloudBuzz | September 21, 2017

WASHINGTON/NEW YORK (Reuters) – Wall Street’s top regulator faced questions on Thursday about its defenses against cyber criminals after admitting hackers breached its electronic database of corporate announcements and may have used it for insider trading. The incursion at the…

Leaking Cloud Databases and Servers Expose Over 1 Billion Records

By CloudBuzz | September 21, 2017

Servers Expose Over 1 Billion Records As The Wall Street Journal recently pointed out, some clients of cloud service providers such as Amazon and Microsoft are accidentally leaving their cloud databases exposed due to misconfigurations of their services. Coupled with recent headline-making…

Thales Joins the Microsoft Enterprise Cloud Alliance

By CloudBuzz | September 21, 2017

SAN JOSE, Calif., Sept. 21, 2017 /PRNewswire/ — Thales, a leader in critical information systems, cybersecurity and data security, is now a member of the Microsoft Enterprise Cloud Alliance (ECA). Designed to foster innovation and promote awareness of partner solutions, the ECA membership…

Addressing the UK NCSC’s Cloud Security Principles

By CloudBuzz | September 20, 2017

As your organization adopts more cloud services, it’s essential to get a clear picture of how sensitive data will be protected. Many authorities, from government regulators, to industry standards bodies and consortia, have provided guidance on how to evaluate cloud…