Hangzhou Xiongmai Issues Recall Of Connected Devices After Friday's Massive DDoS Attack
Chinese manufacturer Hangzhou Xiongmai is issuing a recall of several of its webcams and other devices that were exploited by hackers to assist in Friday's massive distributed denial of service [DDoS] attacks.
The company, which sells components for surveillance video cameras, dashboard cameras and DVR devices, announced that it will recall the web cameras that use its circuit board and other components – which were one of the many devices used in the attack.
The company's statement said it would ’recall some of its earlier products sold in the United States, strengthen password functions and send users a patch for products made before April last year," according to a report by Reuters. The company also encouraged its customers that are not part of the recall to change their passwords, especially those using the default password on their devices.
[Related Video: Are IoT Security Concerns Unfounded?]
The denial of service attack was launched Friday through Internet of Things consumer devices, including webcams, routers and video recorders, to overwhelm servers at Dynamic Network Services (Dyn), leading to the blockage of more than 1,200 websites.
The attack on Dyn, which connects users to websites such as Twitter, Spotify and Netflix, came from tens of millions of addresses on IoT devices infected with malicious software codes, knocking out access by flooding websites with junk data.
Hangzhou Xiongmai said in the statement that its devices did not make up the majority of those used in the attack – but it would recall products sold before April 2015.
Solution providers like Douglas Grosfield, founder and CEO of Kitchener, Ontario-based Five Nines IT Solutions, say that many smart home device manufacturers still do not provide the ability to password-protect their connected devices and security remains an "after thought" in the IoT industry.
"[Vulnerable devices] will continue to create these issues on a growing scale unless consumers vote with their wallets and force manufacturers to address security related shortcomings in their offerings in this market by refusing to purchase devices until the issues are addressed," he said.