How Cameras Became an Internet Weapon

On Friday – 21 October, 2016, hackers crashed parts of the Internet, specifically services located on the East Coast of the United States. They used an old technique known for 20 years, a “DNS DDoS.”

However, instead of launching the attack from virus-infected computers as has been the norm, hackers launched the attack from small, Internet-connected devices like security cameras. This is a worrisome development—such devices offer hackers a powerful new weapon.

The “Internet-of-Things” (IoT) revolution is sweeping the Internet, adding cars, pace makers, industrial robots, toasters, and security cameras to the Internet. If you own an appliance or device that uses electricity, you can find a similar device which connects to the Internet. Through a voice-activated device such as an Amazon Echo, you can command the coffee to start brewing, the car to start warming, and the lights to turn on in the morning—all before getting out of bed. According to research group Gartner, more than 6 billion of these devices will be on the Internet by the end of 2016.

This trend comes at the cost of cybersecurity. They are cheap devices that cut corners. While they are not prone to the same attacks as your home computers (such as phishing emails), they have other common problems (like backdoor passwords). These are passwords, like “support”, that vendors put secretly in their devices for various reasons. While vendors think they are clever and secretive, hackers find these passwords effortlessly. They create lists of these well-known backdoors and trade them among themselves.

Luckily, the devices installed in your home are behind your firewall, so they are secure against most hacker attacks. A firewall is a common security device that allows outbound communication with the Internet, but blocks most inbound communication. Most of the devices that connect homes to the Internet contain a firewall. However, many more are placed directly on the Internet, where hackers can easily gain control of them.