Security

Record-breaking Cyber Attacks Delivered from Video Surveillance Cameras

Last month, various media outlets started reporting on distributed denial-of-service (DDoS) cyber attacks. These involved a cabal of hacked video surveillance cameras, digital video recorders (DVRs), routers and other Internet of Things devices. These attacks are significant for a variety of reasons, not least their sheer size and scale. One of the most serious attacks reached 1.1 Terabytes per second (Tbps), with Octave Klaba, founder of OVH estimating the so called "Botnet" had the capacity to reach 1.5 Tbps. There were over 6,800 video cameras joined to the botnet. “It’s getting huge,” Martin McKeay, a member of Akamai’s security intelligence team is quoted as saying. “You’re going to see brownouts, sections where a data center, an ISP, a region, may have so much traffic that it takes down that region.” This is a seriously worrying trend for the Video Surveillance industry who have been touting the benefits of IP enabled and connected cameras for many […]

Stay ahead of the pack

with the latest independent smart building research and thought leadership.

Have an account? Login

Subscribe Now for just $200 per year per user (just $17 USD per month) for Access to Quality Independent Smart Building Research & Analysis!

What Exactly Do you Get?

  • Access to Website Articles and Notes. Unlimited Access to the Library of over 1,700 Articles Spanning 10 Years.
  • 10% discount on ALL Memoori Research reports for Subscribers! So if you only buy ONE report you will get your subscription fee back!
  • Industry-leading Analysis Every Week, Direct to your Inbox.
  • AND Cancel at any time
Subscribe Now

Last month, various media outlets started reporting on distributed denial-of-service (DDoS) cyber attacks. These involved a cabal of hacked video surveillance cameras, digital video recorders (DVRs), routers and other Internet of Things devices.

These attacks are significant for a variety of reasons, not least their sheer size and scale. One of the most serious attacks reached 1.1 Terabytes per second (Tbps), with Octave Klaba, founder of OVH estimating the so called "Botnet" had the capacity to reach 1.5 Tbps. There were over 6,800 video cameras joined to the botnet.

“It’s getting huge,” Martin McKeay, a member of Akamai’s security intelligence team is quoted as saying. “You’re going to see brownouts, sections where a data center, an ISP, a region, may have so much traffic that it takes down that region.”

This is a seriously worrying trend for the Video Surveillance industry who have been touting the benefits of IP enabled and connected cameras for many years now. Security experts are also saying that this is a trend set to not just continue but grow.

Mckeay is quoted as saying "Now that we've seen a 600 gig botnet, we have to plan that within one to two years, those are going to become common,They may not be every attack, but we will see a dozen of them a quarter, we'll see a couple hundred of them a year. Now that people know those are a possibility, they're going to start pushing in that direction. They're going to make it happen."

Only back in June, security firm Sucuri uncovered another botnet of 25,000 Video Surveillance cameras from 105 countries attacking a small jewellery store website. The unnamed website was being assaulted by almost 35,000 HTTP requests per second, which actually increased to 50,000 HTTP requests at the height of the attack.

No-one as yet knows how such a large number of video cameras were hacked, however there was speculation they may have been exploited by a vulnerability that allowed remote code execution on DVRs from 70 different manufacturers.

All this raises some tough questions for manufacturers and installers of video surveillance cameras, as well as VMS suppliers. Exactly how can they prevent cameras becoming infected? Are they at least in part responsible for the thousands of vulnerable cameras that must now be out there “in the wild”?

It is not easy to know if connected hardware devices are infected. It is not possible to use antivirus software to scan for infections and often devices will show no sign of being infected or being used in DDoS attacks.

The fool proof method to protect cameras is never to connect them to the Internet in the first place. But this of course negates all the benefits we know the Internet of Things can bring to Smart Cities and Smart Buildings.

The video surveillance industry as a whole needs to act NOW to standardise best practice in cyber security and manufacturers must do a better job in educating installers about how to protect cameras and DVRs against attacks.

[contact-form-7 id="3204" title="memoori-newsletter"]

Most Popular Articles

Energisme Energy Performance
Energy

Energisme Energy Performance Software Business & 2022 Financials Examined

This Research Note examines Energisme, the listed French energy performance software firm. This article covers their latest financial results and their 2022 Strategic Plan. Founded in 2004, acquired in 2015 by energy sector specialists and listed on the Euronext Growth market in 2020, Energisme’s Internet of Things (IoT) offering is its N’Gage platform, a Software […]

Simpple IPO & Facilities Management Business
Smart Buildings

Simpple IPO & Facilities Management Business Examined

Founded in 2016, in Singapore, Simpple provides solutions for building managers and owners to operate their buildings autonomously through technology. Originally focused on robotic cleaning, the company soon shifted to an integrated software solution that connects IoT devices, robotic solutions, and the workforce, through a single unified platform, enabled by AI. Achieving revenues of $4.8 […]

SECOM Japan Investment
Security

Why is SECOM Investing in Eagle Eye Networks & Brivo?

The physical security industry has developed a healthy funding environment in recent years with venture capitalists providing significant backing to security companies. But this month’s $192 million investment by Japanese security integrator SECOM, into video surveillance company Eagle Eye Networks and access control provider Brivo is somewhat of an outlier. In this research note, we […]

Subscribe to the Newsletter & get all our Articles & Research Delivered Straight to your Inbox.

Please enter a valid email

Please enter your name

Please enter company name

By signing up you agree to our privacy policy