International. A group of researchers from the security company Incapsula has detected a malware that infects video surveillance cameras to create with them a botnet network with which to launch DDoS attacks.
Globally, there are approximately 245 million registered closed-circuit surveillance cameras, and many of them still have the login credentials that come by default.
This security flaw is what hackers have taken advantage of to infect around 900 Linux-based surveillance cameras with malware and turn them into a botnet network to launch DDoS or Distributed Denial of Service attacks.
To carry out such an attack, hackers use a series of devices infected with specific malicious software that turns them into slaves or zombies, also called botnets. All the terminals of the network are directed at the same time to request the services of the victim, and the avalanche of requests slows down access or causes it to stop working, denying the service to real users.
According to Incapsula researchers, the botnet was composed of surveillance cameras from around the world and had the capacity to send up to 20,000 access requests per second. Their goal was an asset of a large cloud service that serves millions of international users.
To avoid this type of security problem, Incapsula experts remember that it is very important to modify the factory credentials both in the case of video surveillance cameras and in the case of other devices, which include routers, WiFi access points and other devices. Following basic security guidelines helps prevent our devices from becoming infected with malware.
