United States network was Chinese-made cameras in trouble? Involved vendors cry foul-Internet, security, camera-IT information
A massive Internet paralysis across the United States, a Chinese technology company was put into the spotlight.
On October 21, the United States domain name server management services provider Dyn malicious software attacks, leading to dozens of websites for downtime, after 2.5 hours later, began to recover, including Twitter, Amazon, Paypal, including several well-known websites inaccessible.
Security researchers said that the culprits for network outages caused, may be a large number of Internet networking equipment--including cameras and digital video recorders, were using these devices might be hijacked by hackers.
It is reported that control these devices malicious software called Mirai. Mirai malware source code developed by anonymous people, and the public in October. Mirai software can infect vulnerable networking devices, including security cameras, DVR and Internet routers. Via a malicious infection, these Internet appliances will become a zombie network of broiler equipment, and be used to implement large scale DDoS attack.
United States security firm survey found that most of the components of the product concerned manufactured by a Chinese manufacturer-Hangzhou male information technology limited (hereinafter referred to as male in Hangzhou).
"The products of our company in May last year after foreign media reports is not an issue, online reports from Taiwan, a rival of deliberately smearing. "Hangzhou male salesman Chen 赟 surging News (www.thepaper.CN) reporter said.
Chen 赟 said the United States market is a very important piece of the company's business, and now public opinion has had a negative impact on the image of your company, "we gave United States response is says in the last part of the message may be a security vulnerability, does not mean that we should acknowledge our network across the United States take full responsibility. ”
On October 24, the foreign media, said Hangzhou males admitted in an e-mail message, related to its products with the default password strength are not high security flaws, was triggered on Friday United States massive attacks in part because of the Internet. Company wrote in the message: "Internet of things, Mirai is a major disaster. (We) must recognize that our products be compromised by hackers and illegal use. ”
▲ Male production of the main products of Hangzhou.
According to Internet backbone service provider Level 3 Communications said, because of their low default password strength, Mirai has infected at least 500,000 units.
Website information shows that total number of males in Hangzhou employs nearly 2000 people, research staff of more than 300 people, is a flagship security monitoring modules, motherboards, software and solutions for technology and hardware products company. Main products include coaxial AHD HD modules and motherboard, network HD modules and boards, AHD/network a whole movement, auto focus module, consumer QQ modules, CMS, VMS, SNVR, myeye surveillance platform software and cloud services.
According to Chen 赟 introduction, media calls the password strength are not high security vulnerabilities, corporate customers that have already been discovered in more than a year ago, and in May 2015, after plugging that loophole in the product, and products as long as the new system before the upgrade will not appear similar to the hazard.
"Before last May, the TELNET port is turned on by default in our products, this is done to facilitate customers in the secondary development based on our products. But later found it was likely left a back door for hackers, so he closed the port. "Chen 赟 explained.
"There is a reason the factory default for the device is the same user name, no password, instructions require the user to change the password before using, but many customers will not do so. "Chen 赟 added," in fact domestic products from other manufacturers have adopted this approach, United States network last week paralysed the manufacturers involved not only our family, but everyone plays the male, we are judged. ”
Male advice to stop the Mirai malicious, users should upgrade the firmware, modify the default user name and password. Users can also disconnect the device connected to the Internet.
Business statistics, males registered in April 2009, Hangzhou, registered capital of 60 million Yuan, the legal representative for Chen Xiaoe. Shareholders, including Chen Xiaoe 8 natural person shareholders and investment there was a name for that sound-us science and technology limited company of Hangzhou cable subsidiary.
全美国网络瘫痪是中中国国产摄像头惹祸?涉事厂商喊冤 - 物联网,安全,摄像头 - IT资讯
一场大规模的互联网瘫痪席卷了美国,让一家中国科技公司被放到聚光灯下。
10月21日,美国域名服务器管理服务供应商Dyn遭受恶意软件侵袭,导致数十家网站宕机,两个半小时后之后,才开始陆续恢复,包括推特、亚马逊、Paypal等在内的多家知名网站无法登陆。
安全研究人员表示,造成此次网络宕机事件的罪魁祸首,可能是大量的物联网设备——包括联网的摄像头和数字录像机,这些设备可能因遭到黑客劫持而被利用。
据悉,控制这些设备的恶意软件名为Mirai。Mirai恶意软件的源代码由匿名人士开发,并于10月公开。Mirai软件能够感染各类存在漏洞的物联网设备,其中包括安保摄像头、DVR以及互联网路由器等。通过恶意感染,这些物联网装置将成为僵尸网络中的肉鸡设备,并被用于实施大规模DDoS攻击。
经美国安全公司调查发现,这些涉事产品的大部分组件由中国一家厂商制造——杭州雄迈信息技术有限公司(以下简称杭州雄迈)。
“我们公司在去年5月以后的产品不存在外媒报道的问题,网上的报道是来自台湾一家竞争对手的蓄意抹黑。”杭州雄迈销售负责人陈赟向澎湃新闻(www.thepaper.cn)记者表示。
陈赟称,美国市场是公司很重要的一块业务,现在的舆论给公司的形象带来了负面影响,“我们在给美国的回复邮件中是说公司过去的部分产品中可能存在安全漏洞,并不意味着我们承认我们应该为全美的网络瘫痪担全责。”
10月24日,有外媒称,杭州雄迈在一封邮件中承认,其产品中与默认密码强度不高有关的安全缺陷,是引发上周五美国大规模互联网攻击的部分原因。公司在该邮件中写道:“对于物联网来说,Mirai是一场重大灾难。(我们)必须承认,我们的产品被黑客攻破,并被非法利用。”
▲杭州雄迈生产的主要产品。
据互联网主干网服务提供商Level 3通信公司称,由于这些设备默认密码强度不高,Mirai感染了至少50万台设备。
官网信息显示,杭州雄迈拥有员工总人数近2000人,研发人员300多人,是一家主打安防监控模组、主板、配套软件以及产品解决方案的技术及硬件公司。主要产品包括AHD同轴高清模组及主板、网络高清模组及主板、AHD/网络一体机芯、自动聚焦模组、消费类QQ物联模组,CMS、VMS、SNVR、myeye监控平台软件、云服务等。
据陈赟介绍,媒体所称的密码强度不高带来的安全漏洞,公司在一年多前经客户反映就已经发现,并在2015年5月之后的产品中封堵了这一漏洞,而对于之前的产品只要经过新的系统升级也不会出现类似隐患。
“去年5月之前,我们产品中的TELNET端口都是默认打开的,这样做的目的是方便客户在我们产品的基础上进行二次开发。但后来发现这样做很可能给黑客留了后门,于是就关闭了端口。”陈赟解释称。
“还有一方面的原因是出厂设备默认的是相同的用户名、没有设密码,说明书中要求用户使用前自行更改密码,但很多客户不会这样去做。”陈赟补充说道,“事实上国内其他厂家的产品也都采用这样的做法,美国上周的网络瘫痪牵涉的厂家也不只我们一家,但现在大家都拿雄迈做文章,我们很冤。”
雄迈建议,为阻止Mirai恶意件,用户应当升级产品固件,修改默认用户名和密码。用户也可以断开设备与互联网的连接。
工商资料显示,杭州雄迈注册于2009年4月,注册资本为6000万元人民币,法人代表为陈小鄂。公司股东为包括陈小鄂在内的8个自然人股东,并且投资有一家名为杭州索那声美科技有限公司的子公司。