In response to the news that security researchers have discovered a massive network of hacked CCTV cameras which is being used to bring down computers around the world, security experts at Imperva and Prpl Foundation commented below.

Igal Zeifman, Senior Manager at Imperva:

Igal Zeifman“Security cameras are among the most prevalent and least protected IOT devices. Moreover, many have high upload connections, meant to support their remote streaming functionality.

For these reasons security cameras are prime targets for botnet herders, who are always looking to add more devices to their “flock”. In the past few years, we have seen several examples of CCTV botnets being used for high profile DDoS attacks.

The issue is not just the growth of CCTV botnets, but that no one is securing those that have already been discovered. Case in point, the CCTV botnet we uncovered last year is still active, and we continue to spot its signatures in attacks against our customers on a regular basis.”

Cesare Garlati, Chief Security Strategist at Prpl Foundation:

Cesare Garlati

“The very fact that patching isn’t high on the priority list for admins is testament to why security in devices like CCTV cameras needs to be ‘baked in’ at the chip or hardware layer. If we don’t take steps now to improve security within devices at the development level, the results could be catastrophic, especially when they can be hijacked and directed at critical infrastructure.”

Information Security Buzz