Wanna stay safe? Trash that internet-connected security camera
Security vulnerabilities in hundreds of thousands of closed-circuit internet connected security cameras in use around the world are so severe that they simply should be thrown in the trash, a Boston-based cybersecurity firm said Tuesday.
The vulnerabilities make the cameras prone to getting hijacked and turned into drones in a zombie digital army to disable websites of companies – or conduct large-scale attacks on the internet itself, Cybereason said.
Hundreds of thousands of the vulnerable cameras appear to be in use around the world, and they aren’t designed to receive software updates and can’t be patched, the principle security researcher for Cybereason, Amit Serper, said in a note.
“The only way to guarantee that an affected camera is safe from these exploits is to throw it out. Seriously,” Serper wrote.
In a telephone interview, Serper said he and a colleague, Yoav Orot, who works out of Tel Aviv, discovered the vulnerabilities two years ago but did not pursue the matter and are releasing their findings only now because recent events have shown that everyday items in the “internet of things” can be harnessed together in robotic networks, or botnets, to conduct crippling attacks.