Chi­nese firm is­sues US re­call after mas­sive cyberattack

Malta Independent - - WORLD -

A Chi­nese elec­tron­ics maker has re­called mil­lions of prod­ucts sold in the U.S. fol­low­ing a mas­sive cyberattack that briefly blocked ac­cess to web­sites in­clud­ing Twit­ter and Net­flix.

Hangzhou Xiong­mai Tech­nol­ogy said in a state­ment that mil­lions of web-con­nected cam­eras and dig­i­tal recorders be­came com­pro­mised be­cause cus­tomers failed to change their de­fault pass­words.

The hack has height­ened long­stand­ing fears among se­cu­rity ex­perts that the ris­ing num­ber of in­ter­con­nected home gad­gets, ap­pli­ances and even au­to­mo­biles rep­re­sents a cy­ber­se­cu­rity night­mare. The added con­ve­nience of be­ing able to con­trol home elec­tron­ics via the web also leaves them more vul­ner­a­ble to ma­li­cious in­trud­ers, ex­perts say.

Uniden­ti­fied hack­ers seized con­trol of gad­gets in­clud­ing Xiong­mai’s on Fri­day and di­rected them to launch an at­tack that tem­po­rar­ily dis­rupted ac­cess to a host of sites, which also in­cluded Ama­zon and Spo­tify, ac­cord­ing to U.S. web se­cu­rity re­searchers.

The “dis­trib­uted de­nial-of-ser­vice” at­tack tar­geted servers run by Dyn Inc., an internet com­pany lo­cated in Manch­ester, New Hamp­shire. Th­ese types of at­tacks work by over­whelm­ing tar­geted com­put­ers with junk data so that le­git­i­mate traf­fic can’t get through.

“The is­sue with the con­sumer-con­nected de­vice is that there is nearly no fire­wall be­tween de­vices and the pub­lic internet,” said Tracy Tsai, an an­a­lyst at Gart­ner, adding that many con­sumers leave the de­fault set­ting on de­vices for ease of use with­out know­ing the dan­gers.

Re­searchers at the New York­based cy­ber­se­cu­rity firm Flash­point said most of the junk traf­fic heaped on Dyn came from internet-con­nected cam­eras and video-record­ing de­vices that had com­po­nents made by Xiong­mai. Those com­po­nents had lit­tle se­cu­rity pro­tec­tion, so de­vices they went into be­came easy to ex­ploit.

In an ac­knowl­edge­ment of its prod­ucts’ role in the hack, Xiong--

mai said Mon­day that it would re­call prod­ucts sold in the U.S. be­fore April 2015 to demon­strate “so­cial re­spon­si­bil­ity.” It said prod­ucts sold after that date had been patched and no longer constitute a dan­ger.

Liu Yuexin, Xiong­mai’s mar­ket­ing direc­tor, said in an in­ter­view on Tuesday that Xiong­mai and other com­pa­nies across the home sur­veil­lance equip­ment in­dus­try were made aware of the vul­ner­a­bil­ity in April 2015. Liu said Xiong­mai moved quickly to plug the gaps and should not be sin­gled out for crit­i­cism.

“We don’t know why there is a spear squarely pointed at our chest,” Liu said.

The com­pany, which also makes dash­board cam­eras and com­puter chips, said it would re­call more than 4 mil­lion we­b­con­nected cam­eras and has of­fered cus­tomers a soft­ware se­cu­rity fix. The re­call will ap­ply only to de­vices sold un­der Xiong­mai’s name. As an orig­i­nal equip­ment man­u­fac­turer, close to 95 per­cent of the com­pany’s prod­ucts are sold by other firms that repack­age its de­vices un­der their own brand names, Liu said.

Xiong­mai and Dahua, a video sur­veil­lance man­u­fac­turer also based in the east­ern Chi­nese tech hub of Hangzhou, first came un­der scru­tiny sev­eral weeks ago after Flash­point as­sessed that hack­ers had con­trolled their de­vices to at­tack the web­site of cy­ber­se­cu­rity writer Brian Krebs, among other tar­gets. Dahua has re­sponded by say­ing it is ded­i­cated to test­ing vul­ner­a­bil­i­ties, and has of­fered dis­counts for re­place­ment equip­ment.

Xiong­mai has adopted a less con­cil­ia­tory stance. It down­played its cul­pa­bil­ity this week, say­ing that as even the world’s largest tech­nol­ogy com­pa­nies ex­pe­ri­ence se­cu­rity lapses, “we are not afraid to also ex­pe­ri­ence it once.”

Xiong­mai also slammed as “com­pletely un­true, ma­li­cious and defam­a­tory” re­ports about its prod­ucts and ap­pended to its state­ment a let­ter from its lawyers threat­en­ing lit­i­ga­tion.

Pho­to­graph: AP

Four Pales­tinian friends who were in­jured dur­ing con­flicts walk by the sea at Gaza's small fish­ing har­bour on Mon­day. Fight­ing left thou­sands of peo­ple with dis­abil­i­ties or no limbs in this Pales­tinian en­clave

Newspapers in English

Newspapers from Malta

© PressReader. All rights reserved.