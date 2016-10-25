By Sijia Jiang
| HONG KONG
HONG KONG Oct 25 A recall of webcams linked to
a major cyber attack in the United States last week will involve
up to 10,000 of the compromised devices, Chinese manufacturer
Hangzhou Xiongmai Technology Co told Reuters on Tuesday.
Xiongmai said it would recall some surveillance cameras sold
in the U.S. on Monday after security researchers identified they
had been targeted in the attack, which rendered Twitter, Spotify
and dozens of other major websites unavailable.
Friday's cyber attack alarmed security experts because it
represented a new type of threat rooted in the proliferation of
simple devices such as webcams which often lack proper security.
Hackers found a way to harness hundreds of thousands of them
globally to flood a target with so much traffic that it couldn't
cope, cutting access to some of the world's best known websites.
The disruptions come at a time of unprecedented fears about
the cyber threat in the United States, where hackers have
breached political organizations and election agencies.
Liu Yuexin, Xiongmai's marketing director, told Reuters the
company would recall the first few batches of surveillance
cameras made in 2014 that monitor rooms or shops for personal,
rather than industrial, use.
Xiongmai had now fixed loopholes in earlier products,
prompting users to change default passwords and having telnet
access blocked, Liu said. He declined to give an exact number of
vulnerable devices, but estimated it at less than 10,000.
Devices using the firm's components in China and elsewhere
were unlikely to suffer from similar attacks because they were
more frequently used for industrial purposes and within more
secure intranet networks, he added.
"The reason why there has been such a massive attack in the
U.S. and (one) is not likely going to be in China is that most
of our products in China are industrial devices used within a
closed intranet only," Liu said.
"Those in the U.S. are consumer devices exposed in the
public domain," he added.
Liu said surveillance cameras with core modules made by
Xiongmai were widely used for banks, shops and housing estate
surveillance in China. The firm is a "top three supplier" in
China, he said, but declined to name specific clients.
Beyond the recall, Liu added the firm may take measures to
enhance the safety of its products by migrating to safer
operating systems and adding further encryption.
"Internet of Things (IoT) devices have been subject to cyber
attacks because they are mostly based on the Linux open source
system," he said. "Our R&D department had been looking to
develop products based on other systems since 2015 and plan to
do more in the future."
(Editing by Adam Jourdan and Alexander Smith)