Skip to main content

Millions of IP cameras around the world are unprotected

Over 3.5 million active Chinese-manufactured IP cameras are only protected by a vendor’s default password, or lacking protection altogether, putting users at risk of snooping, experts have warned..

New research from CyberNews found over 458,000 devices protected only by default credentials operational in the US alone, alongside almost 250,000 in the United Kingdom, with countries such as Mexico, China, the Korean Republic, India, Brazil and Russia also appearing on the list. 

At least 21,000 cameras worldwide lack any authentication whatsoever, raising questions about invasions of privacy, and the impact IP cameras are having on the global uptick in cyberwarfare

Security camera passwords

All devices connected to the internet are in danger of being accessed by unknown and potentially malicious third parties. In the case of security cameras, threat actors can access the live feed, record sensitive personal data, and use the camera as a vulnerable endpoint on a network.

Researchers for CyberNews are concerned that all brands of camera it came across in its analysis have products in circulation that are permitted to function without changing the default password, or without one at all. These include Hikvision, HIPCam, Cisco, Toshiba, and Linksys.

It’s not all bad news, though. The most popular camera manufacturers’ latest products are programmed, either by model or firmware version, to force users to set a password, or generate a unique one at random. 

96.4% of the cameras CyberNews examined belonged to these brands, but it’s worth highlighting that this doesn’t mean that 96% of connected cameras are benefitting from an uptick in protection. 

Hardware devices often age, are depreciated by the manufacturer, and become ineligible for firmware updates, which can also push security patches. The vast majority of connected IP cameras aren’t going to be the newest models mandating, or at least recommending, healthy password security practices.

Where we are now is certainly an improvement from the results of CyberNews’ research on this same topic last year, which found that only 5.3% of cameras mandated setting a password.

The world is gravitating towards cyberwarfare in the wake of the Russia-Ukraine conflict and China’s growing reputation as a surveillance supplier, with ransomware and DDoS attacks becoming especially common. 

With that, there are growing fears surrounding how devices from popular IP camera brands, such as China’s Hikvision, could be used by state-sponsored threat actors.

CyberNews reported that, until at least December 2022, Hikvision advertised “demographic profiling facial analysis algorithms” as part of its products on the company’s website, but that following an investigation by The Guardian, the ads were removed.

Some western democracies have resisted the growing influence of foreign surveillance technology better than others in recent years. 

Read more

> Here’s our list of the best home security systems right now

> Wi-Fi security flaws could let drones, attackers target you through walls

> The journey to passwordless – it's a marathon, not a sprint

In July 2019, the UK’s then-Prime Minister Theresa May backed down from her plan to allow Chinese company Huawei to assist in developing the country’s 5G infrastructure following US pressure. And in September 2020, The Guardian reported that Hikvision cameras, blacklisted in the US, were installed in UK leisure centres and, alarmingly, school toilets.

Things are, however, moving in the right direction. 

In November 2022, the UK banned Chinese surveillance equipment from “sensitive” government sites, while the US’ Federal Communications Commission (FCC) adopted rules preventing “communications equipment deemed to pose an unacceptable risk to national security” from being imported or sold in the country.



Source: TechRadar
Labels:

Popular posts from this blog

The hidden cost of food delivery

Noah Lichtenstein Contributor Share on Twitter Noah Lichtenstein is the founder and managing partner of Crossover , a diversified private technology fund backed by institutional investors, technology execs and professional athletes and entertainers. More posts by this contributor What Studying Students Teaches Us About Great Apps I’ll admit it: When it comes to food, I’m lazy. There are dozens of great dining options within a few blocks of my home, yet I still end up ordering food through delivery apps four or five times per week. With the growing coronavirus pandemic closing restaurants and consumers self-isolating, it is likely we will see a spike in food delivery much like the 20% jump China reported during the peak of its crisis. With the food delivery sector rocketing toward a projected $365 billion by the end of the decade, I’m clearly not the only one turning to delivery apps even before the pandemic hit. Thanks to technology (and VC funding) we can get a ri
Read more

Cyber Monday Canada: Last-minute deals for everyone on your list

Best Cyber Monday Canada deals: Smart Home Audio Phones, Tablets & Accessories Wearables Laptops & PC Components Amazon products Gaming Televisions Cameras Lifestyle & Kitchen Toys & Kids Cyber Monday Canada is here, and retailers are rolling out the red carpet for customers who want to shop for everything from tech to kitchenware to games and everything in between. Unlike years past, Cyber Monday Canada deals look a bit different than normal. Instead of retailers trying to pack their stores with as many shoppers as possible, we're seeing tons of online deals that you can take advantage of from the comfort of your home. We've rounded up our favorites below, so feel free to browse through the best of what Canada Cyber Monday has to offer! This list is being updated with new Cyber Monday deals all the time, so check back often. Spotlight deals It's a Switch Nintendo Switch Fortnite Edition bundle $399.95 at Amazon It's a Switch.
Read more

iPhone 13 Pro vs. iPhone 15 Pro Buyer's Guide: 50+ Differences Compared

The iPhone 15 Pro brings over 50 new features and improvements to Apple's high-end smartphones compared to the iPhone 13 Pro, which was released two years prior. This buyer's guide breaks down every major difference you should be aware of between the two generations and helps you to decide whether it's worth upgrading. The ‌iPhone 13‌ Pro debuted in 2021, introducing a brighter display with ProMotion technology for refresh rates up to 120Hz, the A15 Bionic chip, a telephoto camera with 3x optical zoom, Macro photography and photographic styles, Cinematic mode for recording videos with shallow depth of field, ProRes video recording, a 1TB storage option, and five hours of additional battery life. The ‌iPhone 13‌ Pro was discontinued upon the announcement of the iPhone 14 Pro in 2022, but it is still possible to get hold of it second-hand. Our guide helps to answer the question of how to decide which of these two iPhone models is best for you and serves as a way to c
Read more

Slack’s new integration deal with AWS could also be about tweaking Microsoft

Slack and Amazon announced a big integration late yesterday afternoon. As part of the deal, Slack will use Amazon Chime for its call feature, while reiterating its commitment to use AWS as its preferred cloud provider to run its infrastructure. At the same time, AWS has agreed to use Slack for internal communications. Make no mistake, this is a big deal as the SaaS communications tool increases its ties with AWS, but this agreement could also be about slighting Microsoft and its rival Teams product by making a deal with a cloud rival. In the past Slack CEO Stewart Butterfield has had choice words for Microsoft saying the Redmond technology giant sees his company as an “existential threat.” Whether that’s true or not — Teams is but one piece of a huge technology company — it’s impossible not to look at the deal in this context. Aligning more deeply with AWS sends a message to Microsoft, whose Azure infrastructure services compete with AWS. Butterfield didn’t say that of course
Read more