Trend Micro blocked five million IoT camera hack attempts

Trend Micro security researchers have blocked five million attempts to hack Internet or Things (IoT) cameras. Many cameras are easy to hack because users are not asked to change a default password.

Internet-connected cameras have become an important target for hackers. By being able to look into someone’s house or company, information can be collected. This information can be used, for example, for blackmail or to see if someone is present.

Analysis of hack attempts

To block the many attacks, Trend Micro collaborated with VIVOTEK, writes IoT News. The companies analyzed data from 7,000 IP cameras to determine the scale of the threat to the devices, and to discover how few protections there are.

According to Steve Ma, VP of Engineering at VIVOTEK, manufacturers are not able to deal with the risk without knowing the cause and methods of attack.

The companies found that 75 percent of the blocked attacks were brute force login attempts. According to Trend Micro, this shows a clear pattern that the devices are being attacked with common malware.

Reasons

Trend Micro gives several important reasons for hackers to hack into such cameras. For example, the devices can be misused by hackers for their own purposes – for example for a DDoS attack – because they are constantly connected to the Internet. If they’re not connected to the Internet, they don’t work well.

In addition, a technique for hacking one IoT device as an IP camera can often also be used on other devices of similar models. As a result, it takes little effort to hack into various devices. In addition, IP cameras have little user interaction and are often poorly maintained in terms of security.

According to Trend Micro, IP cameras also often have enough computing power to perform hack related tasks such as cryptographic currency mining, without end users noticing. Finally, the devices have access to a large bandwidth designed for video communication, which makes them interesting for DDoS attacks.