Attackers hijack CCTV cameras and network-attached storage devices to launch DDoS attacks
We’ve reached a point that security researchers have long warned is coming: insecure embedded devices connected to the Internet are routinely being hacked and used in attacks.
The latest example is a distributed denial-of-service (DDoS) attack detected recently by security firm Imperva. It was a traditional HTTP flood aimed at overloading a resource on a cloud service, but the malicious requests came from surveillance cameras protecting businesses around the world instead of a typical computer botnet.
The attack peaked at 20,000 requests per second and originated from around 900 closed-circuit television (CCTV) cameras running embedded versions of Linux and the BusyBox toolkit, researchers from Imperva’s Incapsula team said in a blog post Wednesday.