Chinese electronics component manufacturer Hangzhou Xiongmai Technology (Xiongmai) has said that its products inadvertently played a roll in Friday’s massive cyber attack that disrupted major internet sites including Twitter, Spotify and PayPal throughout the USA and other parts of the world on Friday.
Xiongmai are a vendor of Internet-connected cameras and DVRs. The company admitted that security vulnerabilities involving weak and unchanged passwords were partly to blame for the attacks. According to security researchers, an Internet of Things (IoT) bot called Mirai is responsible. It’s estimated that Mirai infects over 500,000 devices, and around 10% of these were used in Friday’s DDoS attack.
The Guardian reports that Friday’s cyber attack has alarmed security experts around the world because it presents a new type of threat. What makes it unique is that it’s based around the vast distribution of seemingly innocuous devices like webcams. Because such devices are considered to be mostly harmless, the security surrounding them is often quite weak. The Xiognmai products being recalled are all webcam models.
It’s not uncommon to leave IoT devices at their defaults. I’ve got a few here that are still on their default settings, purely because they’re only used on a local network, and not the actual Internet. For many users, though, they don’t even know there are remote login passwords for their devices, or that they need to be changed at all. What’s even worse is that some devices don’t even allow you to easily change it.
That is the issue with these webcams. There’s no way for users to change the password. Zach Wikholm of security firm Flashpoint, told journalist Brian Krebs, “The password is hardcoded into the firmware, and the tools necessary to disable it are not present. Even worse, the web interface is not aware that these credentials even exist”.
The good news is that with these particular webcams, the malware can be disabled by simply rebooting the device. The bad news is, it’s already out there on so many devices already, that your machine would be reinfected within about five minutes.
With the multitude of potentially exploitable devices in our lives today, which can include devices such as DSLR remotes, it’s only going to get worse as time goes on. At least, it is if IoT vendors don’t start seriously upping their security game.
Has this made you start taking a more serious look at the random devices you own? Has it put you off purchasing IoT devices? What about those Smart TVs and Android based media centres? Who really knows what’s vulnerable? Is it too late to put the genie back in the bottle? Or can we get ahead and take control of this? Let us know your thoughts int he comments.