New findings released today from Imperva Incapsula researchers has revealed that CCTV cameras in popular destinations, like shopping malls, are being turned into botnets by cybercriminals, as a result of camera operators taking a lax approach to security and failing to change default passwords on the devices.
CCTV cameras are among the most common Internet-of-Things (IoT) devices and Imperva first warned about CCTV botnets in March 2014. In this latest attack, Imperva was particularly surprised to find it was originating from a shopping mall five minutes from their offices. This leads Imperva to believe that these attacks are happening more often than people are aware of and that potentially millions more CCTV cameras in popular destinations have already been compromised.
The Imperva Incapsula blog explains the research “CCTV Botnet In Our Own Back Yard” which is highlighted by :
- The attack was run of the mill, peaking at 20,000 requests per second (RPS). The surprise came later when, upon combing through the list of attacking IPs, Imperva discovered that some of the originating devices were located right in their own back yard. Looking through the camera lens Imperva spotted a familiar sight—a storefront in a mall located not five minutes away from their offices.
- The assault consisted of HTTP GET floods that peaked at around 20,000 RPS, with its traffic originating from roughly 900 CCTV cameras spread around the globe. Their target was a rarely-used asset of a large cloud service, catering to millions of users worldwide.
- In sharing this story, Imperva hopes to raise awareness about the importance of basic security practices—as well as the threat posed by unsecured connected devices. Whether it be a router, a Wi-Fi access point or a CCTV camera, default factory credentials are only there to be changed upon installation.
Imperva® (NYSE:IMPV), is a leading provider of cyber security solutions that protect business-critical data and applications. The company’s SecureSphere, Incapsula and Skyfence product lines enable organizations to discover assets and risks, protect information wherever it lives – in the cloud and on-premises – and comply with regulations. The Imperva Application Defense Center, a research team comprised of some of the world’s leading experts in data and application security, continually enhances Imperva products with up-to-the-minute threat intelligence, and publishes reports that provide insight and guidance on the latest threats and how to mitigate them. Imperva is headquartered in Redwood Shores, California.