Adam Bannister

Editor, IFSEC Global

Author Bio ▼

Adam Bannister is editor of IFSEC Global. A former managing editor at Dynamis Online Media Group, he has been at the helm of the UK's leading fire and security publication since 2014.
October 6, 2016

Get the IFSEC Global newsletter

The latest security and fire news, reports and resources

Download

Access control in the connected workplace 2017

Hijack of nearly 1.5m surveillance cameras a wake-up call for security industry

Last week hackers managed to bring down a popular security website after hijacking more than a million security cameras.

KrebsOnSecurity.com, which is run by freelance journalist Brian Krebs, was flooded with traffic over the course of two days. The distributed denial of service (DDoS) was a rather pointed attack given Krebs’ record of exposing and reporting on cybercrimes.

Surpassing 660 Gbps of traffic, it was one of the biggest DDoS attacks in history.

The hackers harnessed two ‘botnets’ – networks of devices infected with malware – comprising 980,000 and 500,000 ‘zombie’ devices, according to internet service provider and telecoms giant Level 3 Communications. Most of these devices were internet-connected cameras.

Because everyone wants to be able to connect physical security to their online world, the potential for attacks is only going to increase.” James Wickes, CEO, Cloudview

A cyber security expert protecting the website called it “the biggest attack we’ve ever seen.”

James Wickes, CEO and co-founder of Cloudview, the world’s first corporate grade, cloud-based surveillance solution, said “it highlights that CCTV systems are the second most prevalent internet connected devices, and too often are vulnerable to hacking because they don’t have even the most basic security protections in place.”

“As powerful computers in their own right, they can be used as a Trojan horse to attack corporate networks, or their combined power can be used to attack and bring down servers and entire networks. Worryingly, because everyone wants to be able to connect physical security to their online world, the potential for attacks is only going to increase.”

New front in cyber war

The attack heralds a new front in the cyber war as criminals recognise the vulnerability of proliferating connected devices and ‘things’.

Mostly using direct traffic, this was an unusual DDoS attack. Rather than tricking faulty servers into boosting malicious traffic, as previous DDoS attacks have tended to do, this ‘amplification’ or ‘reflection’ attack compelled the servers to generate multiple response packets for each packet sent.

Wickes said it served as a wake-up call for the physical security industry as it becomes increasingly intertwined with – and replaced by, if they’re not careful – the IT sector.

“This represents either a huge threat or a tremendous opportunity to the security industry,” he said. “The threat is that the IT industry will take over and become the go-to place for secure online products and services.

“The opportunity is for the security industry to rise to the challenge and proactively integrate cyber security services into their IoT products. Clearly, whoever succeeds will win a huge market.

“To quote Rudyard Kipling: ‘NOW this is the law of the jungle, as old and as true as the sky and the wolf that shall keep it may prosper, but the wolf that shall break it must die.’”

Korean firm Hanwha Techwin sought recently to reassure its own customers and called for collaboration across the supply chain to combat the growing hacking threat.

Visit Europe’s only large-scale security event in 2017

Taking place in London, 20 – 22 June 2017, IFSEC International gives you exclusive hands-on access to over 10,000 security solutions, live product demonstrations, and networking with over 27,000 security professionals. Covering every aspect of security, from access control and video surveillance to smart buildings, cyber, border control and so much more.

Time is running out, register now to avoid missing out

Leave a Reply

1 Comment on "Hijack of nearly 1.5m surveillance cameras a wake-up call for security industry"

Notify of
avatar
Sort by:   newest | oldest | most voted
phim cach nhiet ntech
Guest
wpDiscuz