You already know you should keep your computer, tablet, and phone updated to keep them secure (or at least I hope you know that by now, otherwise I’m not doing my job). But a recent malware attack shows why it’s also important to keep all the other devices on your Wi-Fi network updated as well. Recently, an outdated Wi-Fi security camera was the key failure point in a massive ransomware attack.
Digital security firm S-RM (via BleepingComputer) details how a well-known gang of hackers got access to a company’s network, either by using stolen credentials or cracking passwords. The ZIP files containing the encryption tool that would lock the real users out of the system were being flagged and quarantined by Windows’ Endpoint Detection Response tool, so the hackers got crafty and used their access to the larger network to find alternate angles of attack.
According to the security researchers, the hacking gang found a Wi-Fi camera and a fingerprint reader on the local network and identified both as vectors for delivering the ZIP payload. (S-RM calls it a “webcam,” but based on the description of an “internet of things” camera with network access and an integrated Linux operating system, it sounds more like your typical Wi-Fi security camera.) The camera didn’t have the same endpoint detection response tools as Windows and was thus unprotected. This flaw was previously patched out by the manufacturer… but the owners hadn’t applied it with a software update.
The hackers deployed a Linux-based tool to deliver the package to the camera, which then spread to the Windows systems on the network, bypassing the Windows file scanning tools. At this point in a heist movie, the smarmy know-it-all leader would say their catchphrase with a smirk.
Network-connected cameras have been a security issue for a long time. Both S-RM and BleepingComputer point out that this particular attack would have failed if the camera had been running on the latest software. While that’s technically true, we’re talking about an organized and targeted attack on a corporate network — I wonder if the hackers would have simply found another way in given enough time.
Having said that, this is an object lesson in keeping your stuff updated. Your home Wi-Fi network is unlikely to be specifically targeted by hackers, but wider searches for unsecured devices just like that camera are happening all the time… and ransomware is no joke.
