Army of we­b­cams used in net at­tacks

Malta Independent - - TECHNOLOGY -

One of the big­gest ever web at­tacks - in which more than one ter­abit of data was fired at a web­site to knock it off­line - has been re­ported.

Web host­ing com­pany OVH said it had been at­tacked by a bot­net (zom­bie army) of hacked de­vices such as we­b­cams.

The pre­vi­ous largest at­tack was thought to be one on se­cu­rity ex­pert Brian Krebs’ web­site which hit 620Gbps (gi­ga­bits per sec­ond).

That was also thought to be mounted via a bot­net of com­pro­mised smart de­vices.

It is not known whether the at­tacks were mounted by the same bot­net.

Both were so-called dis­trib­uted de­nial of service at­tacks - in which web­sites are hit by mas­sive amounts of data.

They have thrown the spot­light once again on the se­cu­rity of IoT (in­ter­net of things) de­vices.

Ac­cord­ing to a re­cent re­port on IoT mal­ware from se­cu­rity firm Sy­man­tec, cy­ber­crim­i­nals are in­creas­ingly look­ing for vul­ner­a­ble smart de­vices - such as TVs, home se­cu­rity sys­tems and we­b­cams.

“Cy­ber­crim­i­nals are in­ter­ested in cheap band­width to en­able big­ger at­tacks. They ob­tain this by hi­jack­ing our de­vices and stitch­ing to­gether a large web of con­sumer de­vices that are easy to in­fect be­cause they lack so­phis­ti­cated se­cu­rity,” said Nick Shaw from Sy­man­tec’s Nor­ton divi­sion.

OVH founder Oc­tave Klaba has been tweet­ing about the on­go­ing at­tack, up­dat­ing fol­low­ers on the num­ber of de­vices that are join­ing the bot­net, which at one point in­clud­ing more than 145,000 de­vices : “+15,654 new CCTV par­tic­i­pated in the DDoS last 48H,” his last tweet reads.

Mr Krebs’ web­site was off­line for nearly a week and, ac­cord­ing to Aka­mai - the se­cu­rity firm that sup­ported the site - the at­tack was nearly dou­ble the size of any pre­vi­ous one it had seen and was “among the big­gest as­saults the in­ter­net has ever wit­nessed“.

Dave Lar­son, chief tech­nol­ogy of­fi­cer at se­cu­rity firm Corero, said that IoT bot­nets were dis­rupt­ing the in­dus­try.

“The tools and de­vices used to ex­e­cute the at­tacks are read­ily avail­able to just about any­one; com­bin­ing this with al­most com­plete anonymity cre­ates a recipe to break the in­ter­net.”

Newspapers in English

Newspapers from Malta

© PressReader. All rights reserved.