November 24, 2024 12:22 PM

Chinese Firm Recalls Webcams Used In Massive Cyber Attack

Hangzhou Xiongmai Technology, a Chinese electronic maker, has recalled millions of products sold in the U.S to prevent the massive cyberattack that temporarily blocked access to websites such as Twitter and Netflix.

The Chinese firm said that millions of web-connected cameras and digital recorders became compromised because customers failed to change their default passwords.

Liu Yuexin, Xiongmai's marketing director, said that Xiongmai and other companies across the home surveillance equipment industry were informed of the vulnerability in April 2015. Liu added that Xiongmai moved immediately to plug the gaps and should not be singled out for criticism.

"We don't know why there is a spear squarely pointed at our chest," Liu said.

According to USA Today, "The hack has heightened long-standing fears among security experts that the rising number of interconnected home gadgets, appliances and even automobiles represent a cybersecurity nightmare. The convenience of being able to control home electronics via the web also leaves them more vulnerable to malicious intruders, experts say."

Unknown hackers held control of gadgets including Xiongmai's on Friday and directed them to launch an attack that briefly disrupted access to a host of sites, like Twitter, Netflix, Amazon and Spotify.

The "distributed denial-of-service" or DDoS attack targeted servers run by Dyn Inc., which is an internet company in Manchester, New Hampshire. These kinds of attacks run by overwhelming targeted computers with junk data so that legitimate traffic can't get through.

"The issue with the consumer-connected device is that there is nearly no firewall between devices and the public internet," said Tracy Tsai, an analyst at Gartner, adding that a lot of consumers ignore the default setting on devices for their convenience without knowing the dangers.

"The all day disruption of DNS services first in the Eastern USA and later impacting customers of Dyn, a DNS provider, globally might be the beginning of a new era of internet attacks conducted via 'smart' things," Chester Wisniewski, principal research scientist from security firm Sophos, told Daily Mail.

"Clearly they aren't as smart as we think, if they can be so easily commandeered by random deviants on the internet to impact major services like Twitter, Reddit and Spotify," he added.

Join the Discussion
Real Time Analytics