It seems that every month or so somebody starts a new thread here on GZ about port forwards to their CCTV cameras because they want to access them remotely. My stock standard response is to say that this should never under any circumstances be done and that the only secure way to access them is via VPN. Whether people pay any attention to that advice is something I can't answer.It was interesting to read an article about the world's largest DDoS attack a few weeks ago against KrebsOnSecurity. For those who don't know at it's peak the attack was 665Gbps.There is an article on Krebs about this, including the malware responsible for this attack which was specifically looking for known backdoors in common IoT and CCTV hardware to use them for the attack.https://krebsonsecurity.com/2016/10/who-makes-the-iot-things-under-attack/There are still "security" people out there installing equipment that's inherently insecure because they have no knowledge of network security and could well be used for DDoS attacks.
↧