In this day of mass surveillance and privacy awareness, CCTV cameras are often forgotten about. But as it turns out, these monitoring devices can serve an even nefarious purpose, albeit unwillingly. Security researchers uncovered a botnet operating on 25,000 CCTV cameras. This attack targeted a small jewelry store website, which was unavailable for several days.
Also read: A Politician from Paris Wants to Ban Bitcoin
Although most people are well aware of how CCTV cameras are small computers, one would never think of them as a tool for hackers. Granted, camera surveillance hacking occurs in tv shows and movies for bank heists and whatnot. But so far, no one attempted to use these devices to set up a botnet for a DDoS attack.
CCTV Botnets Are Very Real
Apparently, some unknown hacker – or hackers – managed to pull that trick off quite successfully. With over 25,000 CCTV cameras hacked, a DDoS attack against a small online jewelry store was executed. Even though every one of these cameras has a tiny processor, the combined force of 25,000 machines can pack quite a punch.
Sucuri researchers came across this denial of service attack and noticed how 35,000 HTTP requests were generated every second. At its peak, the attack saw nearly 50,000 requests per second being executed. Considering how there were over 25,000 different IP addresses, this seemed like a well-coordinated attack. Most of the devices originated from Taiwan, with the rest spread out over 100+ different countries.
Interestingly enough, the vast majority of CCTV cameras are H.264 Network DVRs. It does not appear one particular model or brand was used during this DDOS attack. However, all of the affected devices use Busybox software, which can be run in Linux, Android, and FreeBSD.
Unfortunately, there is a well-known remote code execution exploit affecting DVR boxes. In total, 70 different CCTV vendors are susceptible to this attack. However, it is not likely this security flaw will be patched soon. Plus, there is no guarantee these types of attacks will become impossible through software updates. CCTV cameras are a good way of create global botnets, sadly enough.
The best of course of action would be to ensure these DVR devices have no Internet connection whatsoever. Moreover, updating the firmware and other software should be priority number one. For the time being, DVR botnets remain a grave threat to website owners all over the world.
What are your thoughts on this “new breed’ of botnets? Let us know in the comments below!
Source: Threatpost
Images courtesy of Shutterstock,