Now Knocking A Country Offline - The Video Surveillance Driven Botnet Wreaks Havok

Author: John Honovich, Published on Nov 03, 2016

The video surveillance driven botnet is now attacking an entire country.

The Mirai malware that took advantage of poor security in Xiongmai, Dahua and other devices has graduated from attacking reporters to companies and now to countries.

The country of Liberia's Internet was attacked and knocked offline temporarily using Mirai, as first reported by Kevin Beaumont. It is not clear if the goal of the hackers using Mirai is to hurt Liberia or to use this as a test / warm-up for bigger attacks.

Mirai Not Going Away / Bad For Video Surveillance

The net/net here is that this is a clear sign that Mirai is not going away. There are fears, increasingly reasonable, that Mirai could be used to disrupt parts of the Internet during the US election days away. And, even if not that, there is many ways Mirai could cause significant damage and disruption.

And while ultimately the problem is rooted in manufacturers like Xiongmai and Dahua with poor security decisions, the entire reputation of the video surveillance industry is at risk as the public increasingly associates Internet outages with video surveillance devices too cheap or dumb to take basic security precautions.

2 reports cite this report:

Network Security for IP Video Surveillance Guide 2016 on Feb 03, 2016
Keeping surveillance networks secure can be a daunting task, but there are several methods that can greatly reduce risk, especially when used in...
Remote Network Access for Video Surveillance on Mar 13, 2015
Remotely accessing video is difficult for 3 reasons. Private Networks: Almost all video surveillance uses private IP addresses, that are by...
Comments (22): PRO Members only. Login. or Join.

Related Reports on Hacking

Uniview Weak Local / Strong Remote Password Policy Tested on Mar 14, 2017
With the continuing onslaught of cyber-security breaches (see Dahua backdoor recently discovered, Hikvision defaulted devices getting hacked)...
Genetec Comments on Washington DC MPD Hack on Mar 13, 2017
This January, the Washington DC police video surveillance system was hacked with ransomware, impacting 123 of 187 cameras. Last month, IPVM...
Hikvision New Security Vulnerability on Mar 12, 2017
Hikvision has disclosed a new security vulnerability that affects 200+ of their IP cameras over the past few years. In this note, we examine the...
FLIR Responds to Dahua Backdoor on Mar 10, 2017
FLIR is the first Dahua OEM partner to issue a statement following Dahua's backdoor disclosure: Certain FLIR and Lorex branded products that...
Hikvision Firmware Decrypted on Mar 09, 2017
A developer has decrypted Hikvision's firmware, allowing examination of Hikvision's device source code and contents. In this report, we overview...
Dahua Backdoor Uncovered on Mar 06, 2017
A major cyber security vulnerability across many Dahua products has been discovered by an independent researcher, reported on IPVM, verified by...
Who Is Hacking Hikvision Devices? on Mar 06, 2017
Someone or organization is mass hacking Hikvision devices, actively and systematically running a script / program across the Internet that looks...
Hikvision Defaulted Devices Getting Hacked on Mar 02, 2017
Hikvision devices with default passwords and remote network access enabled (via DDNS, public IPs, etc.) have experienced wide spread hacking over...
Hikvision Barred From US City Housing Authority Bid on Feb 14, 2017
A US city's housing authority has barred Hikvision products from their bid, due to 'increasing security concerns.' In the past few...
Hikvision Pledges 'Never' 'Backdoors' on Jan 27, 2017
With criticisms rising, Hikvision has gone on the record publicly declaring: Hikvision never has, does or would intentionally contribute to...

Most Recent Industry Reports

Axis Camera Vulnerabilities From Google Researcher Analyzed on Mar 23, 2017
A Google security researcher has reported 6 vulnerabilities for Axis cameras, affecting multiple models and firmware versions. In this report, we...
OpenEye Takes Aim At Exacq on Mar 23, 2017
First Milestone targeted Exacq with a takeover offer, and now OpenEye is gunning for them with an offer to swap out Exacq for their cloud-managed...
Lock Keyways For Access Control Guide on Mar 23, 2017
Lock keyways can be the difference between a lock working or not. Understanding keyways is important for access control. Indeed, a member recently...
Broken Browser Support for Video Surveillance on Mar 22, 2017
Modern web browsers have left the security industry behind. Current Chrome, Firefox, and Microsoft Edge browsers do not support NPAPI plugins,...
ADI Favorability Results on Mar 22, 2017
150 North American integrators provided feedback on 6 distributors, and why they do (or do not do) business with ADI. ADI is clearly a big name in...
1 Million Dahua Devices Exposed To Backdoor on Mar 22, 2017
Statistics show that 1 million Dahua devices are publicly exposed and vulnerable to the Dahua backdoor. Despite this, Dahua has downplayed the...
Hikvision Hires Crisis Communication Writer on Mar 21, 2017
Hikvision has hired a crisis communication writer as the company ramps up its efforts to deal with the 'crisis' it feels it is facing. 'Crisis...
Glass Break Sensor Tutorial on Mar 21, 2017
Burglars often break glass windows to get into a house. Using glass break detectors in conjunction with alarm contacts is a good way to protect the...
Unikey Smart Phone Access Control Platform on Mar 21, 2017
More and more people carry smart phones. Many think this could replace the conventional key or card for access control. However, using a phone...
Hikvision Attacks IPVM on Mar 20, 2017
Hikvision has attacked IPVM repeatedly over the last month, both in the international press and in its dealer communications. Attacks Listed On...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact