New research from Imperva has revealed that CCTV
November 2015 by Imperva
CCTV cameras are among the most common Internet-of-Things (IoT) devices and Imperva first warned about CCTV botnets in March 2014. In this latest attack, Imperva was particularly surprised to find it was originating from a shopping mall five minutes from their offices. This leads Imperva to believe that these attacks are happening more often than people are aware of and that potentially millions more CCTV cameras in popular destinations have already been compromised.
Imperva has produced a blog which details its findings, however key findings can be found below:
The attack was run of the mill, peaking at 20,000 requests per second (RPS). The surprise came later when, upon combing through the list of attacking IPs, Imperva discovered that some of the originating devices were located right in their own back yard. Looking through the camera lens Imperva spotted a familiar sight—a storefront in a mall located not five minutes away from their offices.
The assault consisted of HTTP GET floods that peaked at around 20,000 RPS, with its traffic originating from roughly 900 CCTV cameras spread around the globe. Their target was a rarely-used asset of a large cloud service, catering to millions of users worldwide.
In sharing this story, Imperva hopes to raise awareness about the importance of basic security practices—as well as the threat posed by unsecured connected devices. Whether it be a router, a Wi-Fi access point or a CCTV camera, default factory credentials are only there to be changed upon installation.