Skip to main content

Millions of IP cameras around the world are unprotected

Over 3.5 million active Chinese-manufactured IP cameras are only protected by a vendor’s default password, or lacking protection altogether, putting users at risk of snooping, experts have warned..

New research from CyberNews found over 458,000 devices protected only by default credentials operational in the US alone, alongside almost 250,000 in the United Kingdom, with countries such as Mexico, China, the Korean Republic, India, Brazil and Russia also appearing on the list. 

At least 21,000 cameras worldwide lack any authentication whatsoever, raising questions about invasions of privacy, and the impact IP cameras are having on the global uptick in cyberwarfare

Security camera passwords

All devices connected to the internet are in danger of being accessed by unknown and potentially malicious third parties. In the case of security cameras, threat actors can access the live feed, record sensitive personal data, and use the camera as a vulnerable endpoint on a network.

Researchers for CyberNews are concerned that all brands of camera it came across in its analysis have products in circulation that are permitted to function without changing the default password, or without one at all. These include Hikvision, HIPCam, Cisco, Toshiba, and Linksys.

It’s not all bad news, though. The most popular camera manufacturers’ latest products are programmed, either by model or firmware version, to force users to set a password, or generate a unique one at random. 

96.4% of the cameras CyberNews examined belonged to these brands, but it’s worth highlighting that this doesn’t mean that 96% of connected cameras are benefitting from an uptick in protection. 

Hardware devices often age, are depreciated by the manufacturer, and become ineligible for firmware updates, which can also push security patches. The vast majority of connected IP cameras aren’t going to be the newest models mandating, or at least recommending, healthy password security practices.

Where we are now is certainly an improvement from the results of CyberNews’ research on this same topic last year, which found that only 5.3% of cameras mandated setting a password.

The world is gravitating towards cyberwarfare in the wake of the Russia-Ukraine conflict and China’s growing reputation as a surveillance supplier, with ransomware and DDoS attacks becoming especially common. 

With that, there are growing fears surrounding how devices from popular IP camera brands, such as China’s Hikvision, could be used by state-sponsored threat actors.

CyberNews reported that, until at least December 2022, Hikvision advertised “demographic profiling facial analysis algorithms” as part of its products on the company’s website, but that following an investigation by The Guardian, the ads were removed.

Some western democracies have resisted the growing influence of foreign surveillance technology better than others in recent years. 

In July 2019, the UK’s then-Prime Minister Theresa May backed down from her plan to allow Chinese company Huawei to assist in developing the country’s 5G infrastructure following US pressure. And in September 2020, The Guardian reported that Hikvision cameras, blacklisted in the US, were installed in UK leisure centres and, alarmingly, school toilets.

Things are, however, moving in the right direction. 

In November 2022, the UK banned Chinese surveillance equipment from “sensitive” government sites, while the US’ Federal Communications Commission (FCC) adopted rules preventing “communications equipment deemed to pose an unacceptable risk to national security” from being imported or sold in the country.



Source: TechRadar

Popular posts from this blog

Code-generating tools could be more of a security hindrance than help

New research by a group of Stanford-affiliated researchers has uncovered that code-generating AI tools such as Github Copilot can present more security risks than many users may realize. The study looked specifically at Codex, a product of OpenAI, of which Elon Musk is among the co-founders.  Codex powers the Microsoft-owned GitHub Copilot platform, which is designed to make coding easier and more accessible by translating natural language into code and suggesting changes based on contextual evidence. AI-coding problems Lead co-author of the study, Neil Perry, explains that “code-generating systems are currently not a replacement for human developers”. The study asked 47 developers of differing abilities to use Codex for security-related problems, using Python, JavaScript and C programming languages. It concluded that the participants who relied on Codex were more likely to write insecure code compared with a control group. Read more > These are the best laptops for progr

Port of Lisbon hit by ransomware attack

One of Europe’s busiest seaports, the Port of Lisbon, has been hit with a ransomware attack that knocked some of its digital systems offline. "All safety protocols and response measures provided for this type of occurrence were quickly activated, the situation being monitored by the National Cybersecurity Center and the Judicial Police," a statement shared by the Port of Lisbon Administration (APL) with local media earlier this week said. The incident failed to impact the port’s operations, but did take its official website, portodelisboa.pt, offline. LockBit taking responsibility "The Port of Lisbon Administration is working permanently and closely with all competent entities in order to guarantee the security of the systems and respective data," the statement concludes. While the company doesn’t explicitly say it was targeted with ransomware, the LockBit ransomware operator has added APL to its leaks website, taking responsibility for the hit.  The databas

This new Linux malware floods machines with cryptominers and DDoS bots

Cybersecurity researchers have spotted a new Linux malware downloader that targets poorly defended Linux servers with cryptocurrency miners and DDoS IRC bots. Researchers from ASEC discovered the attack after the Shell Script Compiler (SHC) used to create the downloader was uploaded to VirusTotal. Apparently, Korean users were the ones uploading the SHC, and it’s Korean users who are targets, as well. Further analysis has shown that the threat actors are going after poorly defended Linux servers, brute-forcing their way into administrator accounts over SSH.  Mining Monero Once they make their way in, they’ll either install a cryptocurrency miner, or a DDoS IRC bot. The miner being deployed is XMRig, arguably the most popular cryptocurrency miner among hackers. It uses the computing power of a victim's endpoints to generate Monero, a privacy-oriented cryptocurrency whose transactions are seemingly impossible to track, and whose users are allegedly impossible to identify. Fo

Twitter has hidden the chronological feed on iOS again – and I'm furious

In a controversial move, Twitter has brought back a feature that removes the 'Latest Tweets' view for users on iOS, which is something that many users, including me, hated back in March 2022 – and it's now rolling out. The first time the company decided to do this, 'Home' would appear first in a tab at the top, and there was no way of changing it so that 'Latest Tweets' would be the default view. It was reverted back after the company said it was a 'bug' for iOS users. This time though, it's no bug. Instead, it's 'For You' and 'Following' where you can only swipe between them now, which doesn't make much sense for a platform where you're using the platform to keep up to date with who you follow. It's a bizarre change that makes me ask – who wants this, especially during a time when its new owner, Elon Musk, is bringing in and reversing changes almost every week still? This one change will have big consequenc