Internet-connected cameras have slowly become a thing in recent years, and we expect tremendous growth in the sector as the Internet of Things flexes its muscle around the world. Now, with the rise of new and exciting devices that are connected to the web, hackers are bound to make their presence felt.
The reason for hackers wanting to take advantage of connected cameras is for the purpose of carrying out distributed denial-of-service (DDoS) attacks. This problem won’t go away in the short-term or the long-term, but it’s something security researchers have been attempting to get under control for many years.
The Persirai IoT botnet threat looms
Trend Micro, a team of security researchers, has managed to come across over 1,000 Internet Protocol (IP) cameras of different models that are at risk of being compromised by the Persirai threat. The Persirai botnet uses TCP Port 81 to gain access to each camera’s web interface, and from there, problems for the internet.
We should note that this threat is capable of exploiting the zero-day vulnerability to steal passwords located on the web.
Location of the most unsecured IP cameras
According to the researchers, a search engine known as Shodan was used to find over 122,000 unsecured cameras from several countries around the world. Note, this search engine specializes in finding connected devices.
The devices that are most at risk are located in China (20.3 percent), Thailand (11.6 percent), and the United States (8.8 percent). For those of us who are owners of Chinese-made IP cameras, there’s a good chance we have no idea the devices are infected with malware, and right there we have a major problem.
Hackers can easily direct these cameras to perform DDoS attacks on several targets on the web, and owners would have no idea this is happening. The attacks would likely work similar to the Mirai worm.
We understand that at least one manufacturer has updated their cameras to the latest firmware in a bid to close any known holes in the system. However, other cameras that are at risk continues to believe the latest firmware is up and running.
As it stands, the Internet would require all IP camera manufacturers to get onboard to help with putting an end to persistent DDoS attacks each year.
Connected IP cameras are still using default password
Not everyone knows that it’s critical to change the default password of every device that connects to the web. Henceforth, manufacturers should put a clause in place to make sure users modify the default password to something more secure.
“A large number of the infected devices are thought to still be using the default password that they shipped with, making it child’s play to hack the devices. It should go without saying that not changing default passwords on internet-enabled devices is a classic error that makes life all too easy for online criminals,” according to the press release.
Bear in mind; sometimes a secure password is not enough to stop attackers, which means, the best option is to block the camera from accessing the web entirely. A tough decision, this is true, but a necessary one nonetheless.