IoT botnets are becoming more popular to hackers in the recent times. The movements of Internet of Things (IoT) botnets has been seen only in the early 2014 and will likely to grow more aggressive as years go by. Apparently, any half-competent hacker can largely utilize an attack using various types of IoT devices with CCTV cameras reported as the most common.
Botnets consist of various Internet of Things (IoT) devices, especially CCTV cameras, is no longer a new thing. In fact, there are about 5.5 million devices that are connected to the internet on a daily basis in 2016. And CCTV cameras have a significant rate of percentage in these numbers. It is not that surprising that different actors in the cyber realm were able to utilize these devices.
In 2014, a prominent cloud-based application delivery platform – Incapsula, has warned the industry about this concern. They saw an increase in activity of about 240% on their own network. They were able to trace the devices used and it all lead them to compromised CCTV cameras.
Back at that time, there were about 245 million CCTV cameras operating around the globe. And this number is only accounted for CCTV cameras that are installed by professionals. As for the DYI and non-pro installations which obviously have lesser security precautions, the number is unknown but it is deemed to be millions or much more.
CCTV Cameras Are A Favorite of IoT Botnets
There are a lot of reasons why CCTV cameras have been the most attractive targets for bot herders. Ironically, these cameras are meant to give security and safety to users but they are considered to be the least protected IoT devices.
- Market Competition
As the year passes by, the tech market is becoming more competitive which includes obviously the security systems industry. The number of providers and manufacturers is significantly increasing. Certainly, each of these companies is very much eager to be the first on the scene. Hence, products are rushed in to the market, hardware costs are limited, and deadlines are strictly complied.
These factors are affecting the security development lifecycle of the cameras and products. The needed attention for security development is often neglected in meeting such market goals.
- Incompetent Developers
Another apparent reason why CCTV cameras are easily targeted is that the developers often come from an unconnected background. Most of the developers have an embedded system which normally would only require one to have the knowledge when it comes to the overall functionality. But, in terms of writing and applying principles of secure codes to a connected environment, they are not very well experienced.
- Access and Connection To The Internet
CCTV cameras have a full access to the internet. In addition, these products are not subjected to bandwidth limitations and filtering. They also have high upload connections to support fully their remote streaming features. These things are mainly the factors needed for a certain device to be used as a botnet which is why many actors – both sponsored and not – are very much attracted to using CCTV cameras for their respective attacks and actions.
- Minimal Operating Systems
Most Internet of Things (IoT) devices, especially CCTV cameras, are ran by minimal operating systems. Typically, they are a stripped-version of Linux. It is much easier for malware to infect the device since it can be compiled conveniently for the target structure.
Accordingly, minimal operating systems can also mean less space for additional security features. One of such is the auditing which allows actors to compromise the product without leaving any traces.
It is found that all IoT devices have their own vulnerabilities. According to the experiment and research conducted by Cloudview, a cloud-based video surveillance company, CCTV cameras can be easily hacked in a few minutes.
Traditional DVR-based systems have problems in its Dynamic DNS, firmware updates, and port forwarding. These problems are apparently leaving the devices open to backdoors. There are recurring problems as well in its encryption and protocols as they are lacking much security.
There are vulnerabilities as well that are considered as negligence on the user’s and owner’s end. One of which is when default passwords are left untouched and unchanged, it is much easier for malware to infect the device by using various brute-forcing devices.
Moreover, most Internet of Things (IoT) devices including many CCTV cameras were not designed to have their own built-own security.
CCTV Botnets Today
Although these occurrences are not unexpected the increasing numbers and intensity of attacks are quite alarming. And this has become a real security concern in the recent times. Distributed Denial-of-Service (DDoS) attacks are now utilized with the use of CCTV cameras.
As a matter of fact, the controversial DDoS attack last 2016 are triggered and launch from these type of IoT botnets. Thousands of Internet of Things (IoT) botnets were created using the Mirai malware which apparently was leaked and now can be accessed open source. Even low-level actors could actually launch massive DDoS attacks once they get a hold of the source codes. The attacks made in 2016 were launched exceeding 600 Gbps which at that time (and up until today) is very and significantly huge.
The aggressive attacks that have been launched the past few years are only a few indications how massive and powerful IoT botnets can become in the next few years.
Gurupriyan is a Software Engineer and a technology enthusiast, he’s been working on the field for the last 6 years. Currently focusing on mobile app development and IoT.