Major campaign hit CCTV cameras using them to launch DDoS fire

There have been many warnings about the Internet of Things, and the security risks it poses, so news of a major DDoS campaign run via CCTV cameras will come as no great surprise to many.

This particular nefarious scheme was uncovered by security firm Imperva (via PC World), but what might surprise you is the scale that it operated on.

The DDoS (distributed denial of service) campaign utilised some 900 CCTV cameras worldwide, and peaked at around 20,000 requests per second.

Apparently it was aimed at a large cloud service which serves millions across the globe.

CCTV cameras are a common target for malicious parties, as there are so many poorly secured and configured connected cameras around. As Imperva notes, there are some 245 million surveillance cameras globally, and those are just the ones which have been installed by professionals.

Amateur efforts will be all over the place, too, and likely even worse in terms of security. The problem is, as with routers, some folks simply leave the default login credentials in place, making compromising them an easy matter.

Indeed, the CCTV cameras involved in this campaign were all accessible by said default logins. The affected devices were also all running embedded Linux with BusyBox.

If you have a CCTV camera, or any connected device for that matter, always make sure you change the default login details. Not doing so is the equivalent of leaving your front door unlocked…

In a blog post, Imperva stated: “We hope our story will raise awareness about the importance of basic security practices – as well as the threat posed by unsecured connected devices.

“Even as we write this article, we are mitigating another IoT DDoS attack, this time from an NAS-based botnet. And yes, you guessed it, those were also compromised by brute-force dictionary attacks.”