As we reported earlier today, according to Bloomberg, Internet-connected CCTV cameras made by a Chinese firm, Hangzhou Xiongmai Technology were infected with malware that allowed hackers to takeover "tens of millions" of devices and launch the distributed denial-of-service (DDoS) attacks which brought the internet across much of the US, and especially on the east coast, to a virtual crawl for hours on Friday.
As Bloomberg first reported, and many others confirmed, the company itself admitted its culpability, with the security camera maker saying "its products were used to launch a cyber-attack that severed internet access for millions of users, highlighting the threat posed by the global proliferation of connected devices. The attackers hijacked CCTV cameras made by Hangzhou Xiongmai Technology Co. using malware known as Mirai, the company said in an e-mailed statement. While Xiongmai didn’t say how many of its products had been infiltrated, all cameras made before September 2015 were potentially vulnerable."
However, just a few hours later, the company appears to have changed its tune.
As IP Video Market reports, "the Chinese video surveillance manufacturer, Xiongmai, whose equipment numerous sources blame for driving massive Internet attacks over the past month has fired back, defending itself against allegations. Moreover, they have involved the Chinese government's Ministry of Justice threatening legal action against those defaming them."
More from the report:
Various publications have cited Xiongmai's products as being used in these cyber attacks.
Cybersecurity journalist Brian Krebs, one of the first Mirai victims, called out Xiongmai:
These products from XiongMai ... will remain a danger to others unless and until they are completely unplugged from the Internet.
Security research firm Flashpoint linked XiongMai to the Mirai botnets:
a very large percentage of these IP involved in the DDoS attacks were hosting XiongMai Technologies-based products.
ComputerWorld claims that XiongMai has taken direct responsibility:
Hangzhou Xiongmai Technology, a vendor behind DVRs and internet-connected cameras, said on Sunday that security vulnerabilities involving weak default passwords in its products were partly to blame.
However, XiongMai is now fighting back. Working with the Chinese Ministry of Justice, they are attacking 'false statements' and threatening legal action in a Oct 24 social media posting.
Xiongmai / Ministry of Justice denied responsibility:
XiongMai's products for embedded closed system, the product can not be manipulated by criminals.
Xiongmai / Ministry of Justice blamed users:
The event hackers control products is the use of users do not change the initial password accustomed to the operation
Finally, they threatened legal action against those who 'falsely' claim they are fault:
Organizations or individuals false statements, defame our goodwill behavior ... through legal channels to pursue full legal responsibility for all violations of people, to pursue our legal rights are reserved.
Why XiongMai Is Widely Unknown Even Within the Industry
Xiongmai does not sell nor market under its own brand. Rather, it OEMs / supplies to hundreds of 'manufacturers' / companies who incorporate their components / modules into their own products.
However, Xiongmai is one of the largest suppliers in the global video surveillance market. Sources within the China video surveillance industry indicate that, via their OEMs / customers, they are the 3rd largest video surveillance provider, behind Hikvision and Dahua.
Dahua, the #2 China video surveillance manufacturer, has been at the center of the Mirai botnet attacks as well, and while they have not threatened legal action, they have also been defensive. Brian Kreb's called Dahua duplicituous and our analysis found that Dahua was deceitful in their response.
Hikvision Not Involved
The largest China video surveillance manufacturer, Chinese government owned Hikvision, has not been accused of being involved in the Mirai botnet attacks, which is certainly very good news for them, considering their leading Chinese rivals have been. Of course, Hikvision products suffered major hacking attacks in 2015.
Legal Threat Impact Very Low
We believe Xiongmai has issued this announcement as a PR effort within China, to help counter criticisms they are facing. We do not believe that Xiongmai or the Ministry of Justice is seriously going to sue any Western companies as this is a typical tactic to save face.
Chinese Video Surveillance Market Impact
Over the past 5 years, Chinese video surveillance manufacturer's share of the global video surveillance market has surged. Between the security flaws of products from Xiongmai and Dahua and Hikvision being owned by the Chinese government, this has created extreme concerns about the impact of Chinese video surveillance products.