Chronicle staff
(NATIONAL) — Herein lies one more a cautionary tale about the “Internet of things.”
If you don’t know what you’re doing when you set these things up, it might be a good idea to hire somebody who does.
Rob Graham is CEO of a company called Errata Security. The firm bills itself as “A team of dedicated security researchers that practice offensive security. “
Errata says the insights gained from its research are provided to clients through what are called “Hacker Eye View” reports that cover “real world scenarios.”
And one real world scenario the company delved into recently is something that millions of consumers around the world do all the time: buy an off the shelf home security camera that’s Internet connected so that, among other tings, they can check what’s going on inside the home from anywhere they can get online.
Recently Graham bought a relatively inexpensive ($55) IoT Security Camera made by JideTech.
He set it up, connected to the Internet and watched in real time what happened. It took just 98 seconds for his new “security” device to be infected by malware. And the problem here is not brand-specific. The same thing could happen to numerous other makes and models of Internet-connected security cameras.
The issue is in how the camera unit is configured to a network.
The first piece of malware that invaded his device (there would be multiple “infections”) was similar to what is called Mirai malware.
Mirai (Japanese for “the future”) is malware that turns computer systems into remotely controlled “bots”, that can be used as part of a “botnet” in large-scale network attacks.
Mirai and similar malware primarily targets online consumer devices such as remote cameras and home routers, according to Wikipedia.
Luckily for Graham, since he knows what he’s doing, he did not do what the typical consumer would so in such an installation. He isolated the device from the rest of his network so he could watch what happened.
Bottom line: if you buy or receive an IoT security camera for Christmas, try to set it up correctly: change the default password to a new one before connecting to the Internet and make sure to put the device behind your firewall.
If you want to see the nitty-gritty tech view of how this infection occurred, NetworkWorld has a blow-by-blow description here .
