Skip to main content

Millions of IP cameras around the world are unprotected

Over 3.5 million active Chinese-manufactured IP cameras are only protected by a vendor’s default password, or lacking protection altogether, putting users at risk of snooping, experts have warned..

New research from CyberNews found over 458,000 devices protected only by default credentials operational in the US alone, alongside almost 250,000 in the United Kingdom, with countries such as Mexico, China, the Korean Republic, India, Brazil and Russia also appearing on the list. 

At least 21,000 cameras worldwide lack any authentication whatsoever, raising questions about invasions of privacy, and the impact IP cameras are having on the global uptick in cyberwarfare

Security camera passwords

All devices connected to the internet are in danger of being accessed by unknown and potentially malicious third parties. In the case of security cameras, threat actors can access the live feed, record sensitive personal data, and use the camera as a vulnerable endpoint on a network.

Researchers for CyberNews are concerned that all brands of camera it came across in its analysis have products in circulation that are permitted to function without changing the default password, or without one at all. These include Hikvision, HIPCam, Cisco, Toshiba, and Linksys.

It’s not all bad news, though. The most popular camera manufacturers’ latest products are programmed, either by model or firmware version, to force users to set a password, or generate a unique one at random. 

96.4% of the cameras CyberNews examined belonged to these brands, but it’s worth highlighting that this doesn’t mean that 96% of connected cameras are benefitting from an uptick in protection. 

Hardware devices often age, are depreciated by the manufacturer, and become ineligible for firmware updates, which can also push security patches. The vast majority of connected IP cameras aren’t going to be the newest models mandating, or at least recommending, healthy password security practices.

Where we are now is certainly an improvement from the results of CyberNews’ research on this same topic last year, which found that only 5.3% of cameras mandated setting a password.

The world is gravitating towards cyberwarfare in the wake of the Russia-Ukraine conflict and China’s growing reputation as a surveillance supplier, with ransomware and DDoS attacks becoming especially common. 

With that, there are growing fears surrounding how devices from popular IP camera brands, such as China’s Hikvision, could be used by state-sponsored threat actors.

CyberNews reported that, until at least December 2022, Hikvision advertised “demographic profiling facial analysis algorithms” as part of its products on the company’s website, but that following an investigation by The Guardian, the ads were removed.

Some western democracies have resisted the growing influence of foreign surveillance technology better than others in recent years. 

Read more

> Here’s our list of the best home security systems right now

> Wi-Fi security flaws could let drones, attackers target you through walls

> The journey to passwordless – it's a marathon, not a sprint

In July 2019, the UK’s then-Prime Minister Theresa May backed down from her plan to allow Chinese company Huawei to assist in developing the country’s 5G infrastructure following US pressure. And in September 2020, The Guardian reported that Hikvision cameras, blacklisted in the US, were installed in UK leisure centres and, alarmingly, school toilets.

Things are, however, moving in the right direction. 

In November 2022, the UK banned Chinese surveillance equipment from “sensitive” government sites, while the US’ Federal Communications Commission (FCC) adopted rules preventing “communications equipment deemed to pose an unacceptable risk to national security” from being imported or sold in the country.



Source: TechRadar
Labels:

Popular posts from this blog

Android 12 will bring the end of third-party share menus

Apps like Sharedr will no longer be able to replace the default share dialog. What you need to know Third-party apps will not be allowed to replace the Android share menu in Android 12. You will no longer be able to set apps like Sharedr as the default. Google says it never intended to allow third-party apps to replace the official Sharesheet. One of Android 12 's biggest highlights is the new Material You design language, which brings major changes to nearly every key UI component. Android 12 will also introduce a major change to the way users share links and photos, according to a report from XDA Developers . On Android 11 , Google allows third-party apps and OEMs to fully customize the Android Sharesheet, which is the reason why the share dialog differs from one app to another. It is even possible to completely bypass the official Android Sharesheet by setting an app like Sharedr as the default Sharesheet. In addition to providing a more consistent experience, Sharedr
Read more

The new Amazon Fire HD 10 is growing into a viable productivity tablet

An already good entertainment device finally gets productive. Amazon has been busy churning out a whole host of new devices and upgrades to existing devices over the past several months. Earlier this year, I reviewed the excellent Echo Buds (2nd Gen) , and even the fantastic Echo Frames (2nd Gen), have since been updated to include options with sunglass and blue light filtering lenses . In early May, we also learned that Amazon was refreshing the Echo Show 5 and Echo Show 8 and that it was even rolling out its first Echo Show for kids . While newer and more novel products like the ones mentioned above often see a faster update cycle, more mature devices like Kindle e-readers and Fire tablets go longer between new versions. In fact, the last update to the Fire HD 10 line was back in 2019, so, understandably, Amazon was ready to reinvigorate its flagship tablet. Not only did it update the specs and colors on the Fire HD 10, but it also gave us a second version in the Fire HD 10 Plu
Read more

Google Announces Support for Account Passkeys

Google today announced that it is introducing support for passkeys, providing an easier and more secure login method for Google accounts. Apple integrated passkeys into iOS with the launch of iOS 16 , and it is also available in iPadOS 16.1 and later as well as macOS Ventura . Passkeys are an industry standard developed by the FIDO Alliance and the World Wide Web Consortium, so Google's passkey integration will work on Apple devices as well as on other devices that support the feature. As Google notes: Last year — alongside FIDO Alliance, Apple and Microsoft — we announced we would begin work to support passkeys on our platform as an easier and more secure alternative to passwords. And today, ahead of World Password Day, we've begun rolling out support for passkeys across Google Accounts on all major platforms. They'll be an additional option that people can use to sign in, alongside passwords, 2-Step Verification (2SV), etc. Passkeys are both easier to use and more
Read more

Wondershare Photo Collage Studio

Wondershare Photo Collage Studio Studio integrated workshop create albums of your digital photos Yes with this program you can create Albums wonderful from your digital photos and keep them you can create albums stunning so wonderful additions distinctive not imagine it The program supports hundreds of templates and frameworks that can be used during the creation of your album from your digital photos and keep your album in a computer Create beautiful albums and you can add a lot through this program distinctive and you can with this program, add effects beautiful and can set the time to add effects and allows you to program import all image formats and also features a unique interface easier for the professional user and the novice to use this program if you want to view images through your computer, this program will add a great aesthetic touch to browse your photos through this program is a wonderful experience import all image formats
Read more