WE GIVE UP. We have a fresh security alert for you, and it is significant. The panic mongers at Sucuri Security have warned that hackers are using CCTV systems and the Internet of Things (IoT) to cause denial-of-service attacks, late nights and lost money.
The poor old IoT is just trying to become accepted as an alternative to doorknobs, kettles, running a bath, and opening a curtain, and people cannot seem to leave it alone.
There is a whole industry of firms waiting for its mass adoption and the resulting financial yield, so it would be nice if it could be left alone.
But no, this is technology so it is a target, and we recently reported that just one in 10 devices might be secure. Sucuri at least has a spin on the thing, saying that it came across the problem while protecting one of its customers.
"It all started with a small bricks and mortar jewellery shop that signed up with us to help protect their site from a DDoS that had taken them down for days. By switching their DNS to the Sucuri Network, we were able to quickly mitigate the attack for them," the company said in a blog post.
"It was a layer 7 attack (HTTP flood) generating close to 35,000 HTTP requests per second which was more than their web servers could handle. Normally, this would be the end of the story. The attack would be mitigated, the attackers would move on after a few hours, and the website owner would be happy.
"In this case, however, after the site came back up, the attacks increased their intensity, peaking to almost 50,000 HTTP requests per second. It continued for hours, which turned into days."
Sucuri dug deeper into the problem and found out how the blighters bashed their way in. Prepare yourselves, as they were doing it just by exploiting IoT devices.
"It is not new that attackers have been using IoT devices to start their DDoS campaigns. However, we have not analysed one that leveraged only CCTV devices and was still able to generate this quantity of requests for so long," added the firm.
"As we extracted the geo-location from the IP addresses generating the DDoS, we noticed that they were coming from all over the world, different countries and networks. A total of 25,513 unique IP addresses came within a couple of hours."
That's a lot of countries and a lot of CCTV cameras. The bulk of the devices were found in Taiwan, then the US and then Indonesia. The UK, which has a lot of CCTV cameras, does not make it into the top 10.
Sucuri's interest was piqued by the appearance of some IPv6 devices, although these were very much in the minority and made up only five per cent of the network.
"As far as the DDoS attack, it was a variation of the HTTP flood and cache bypass attack, which is pretty standard and mitigated by the Sucuri Firewall. Very few servers can handle 50,000+ requests per second, but due to our Anycast network and stack optimisation, that number is easily mitigated by us," said the firm.
"Unfortunately, as website owners, there is not much you can do to get those 25,000+ CCTVs fixed and protected. You also can't do much to fix the millions of vulnerable devices on the internet that can be used as botnets and DDoS amplification methods.
"However, you can do your part. If you are an online camera user or vendor, please make sure it is fully patched and isolated from the internet." µ