CE Pro BEST Product Awards | CE Pro BEST Project Awards

Hacked Security Cameras, DVRs Cause Massive DDoS Internet Attacks

Distributed denial-of-service (DDoS) attacks carried out by hackers using as many as one million Chinese-made security cameras and other video surveillance products, according to Level 3 Communications.

Hacked Security Cameras, DVRs Cause Massive DDoS Internet Attacks

Rodney Bosch · October 5, 2016

Hackers seized control of countless security cameras and DVRs to unleash several massive Internet attacks last week, setting off fresh concerns about the susceptibility of connected devices in homes and businesses.

Level 3 Communications, a global communications provider based in Broomfield, Colo., identified video surveillance cameras and recorders made by Chinese manufacturer Dahua Technology as the sources of a majority of last week’s cyberattacks, but said other Web-enabled devices are also being hijacked into a new cyber warfare network currently being assembled.

“We’re thinking this is the tip of the iceberg,” Dale Drew, head of security at Level 3 Communications, told the Wall Street Journal.

A Dahua spokeswoman told the Wall Street Journal on Thursday the company is reviewing Level 3’s research. She said malware could succeed in attacking older devices with outdated software.

“We strongly recommend users to upgrade the firmware of devices,” and set a strong password to reduce risks, the spokeswoman told the newspaper.

“We’re thinking this is the tip of the iceberg.”​
— Dale Drew, Level 3 Communications

Dahua, said to be the world’s second largest provider of video surveillance products behind Hikvision, brings its wares to the security marketplace through distribution. 

Level 3 said H.264 DVRs made by Dahua were especially prevalent in the attacks, though security researchers said other brands were affected. In some cases the devices were not protected with passwords or had generic passwords, Drew told the newspaper.

The attackers used as many as one million Chinese-made security cameras, DVRs and other infected devices to generate webpage requests and data that knocked their targets offline, the newspaper reported. It has not been determined if the attackers had access to video feeds from the infected devices.

Among those affected last week by the distributed denial-of-service attacks (DDoS) was Akamai Technologies, a content delivery network and cloud services provider based in Cambridge, Mass. Akamai said malicious traffic on its network on Sept. 20 reached 700 gigabits a second — equivalent to 140,000 high-definition movies streaming at once.

In a distributed denial-of-service, large numbers of compromised systems (sometimes called a botnet) attack a single target. The website of well-known security researcher and journalist Brian Krebs was forced offline last week as well after getting hit for more than two days with an unprecedented flood of traffic.

“We need to address this as a clear and present threat not just to censorship but to critical infrastructure,” Krebs told the Wall Street Journal.

We're Looking for Your BEST Projects

Don’t miss your chance to enter to win a 2019 BEST Projects Award. We’ll be announcing winners at a special Gala event at CEDIA EXPO. We can’t wait to see what you’ve been up to this year! Enter your projects now.

  About the Author

Although Bosch’s name is quite familiar to those in the security industry, his previous experience has been in daily newspaper journalism. Rodney Bosch is an editor for CE Pro sister publication Security Sales & Integration. Bosch is a graduate of California State University, Fresno with a degree in Mass Communication & Journalism. In 2007, he successfully completed the National Burglar and Fire Alarm Association’s National Training School coursework to become a Certified Level I Alarm Technician. Have a suggestion or a topic you want to read more about? Email Rodney at rbosch@ehpub.com

Follow Rodney on social media:

Rodney also participates in these groups:
LinkedIn · Google+

View Rodney Bosch's complete profile.

  Article Topics

Security · Keypads & Control Devices · Surveillance Systems · News · Cybersecurity · All Topics
CE Pro Magazine

Read More Articles Like This… With A Free Subscription

CE Pro magazine is the resource you need to keep up-to-date on the latest products, techniques, designs and business practices. Subscribe today!

Subscribe Today!


There are no comments. Be the first to post!
There are no comments. Be the first to post!