Home How hackers weaponize security cameras

How hackers weaponize security cameras

Oct 5 — Internet-connected security cameras are everywhere these days – public spaces, business settings, and affixed to the doors of private homes. The value of the market was estimated to hover around $50B in 2021 and is rapidly growing. Everyday, hundreds of thousands of security cameras are installed and connected worldwide.

These products are being developed by manufacturers quickly, equipped with smart sensors and advanced software that include features like night vision, distance detection, heat, and motion detection. At the other end of the spectrum are less advanced home cameras that can be managed through smartphone applications.

Hackers and security cameras

For hackers, CCTV (or internet-connected security cameras) are a preferred means of accessing corporate networks, as they are inherently vulnerable and serve as an easy point of entry.

The sensitive data that passes through the security cameras can expose operators to various privacy-related issues and raises serious concerns regarding the ability of foreign entities to watch or listen to sensitive exchanges. In the United States, a directive has been issued prohibiting the use of certain security cameras within federal agencies’ sites.

Attackers know that security cameras and recording devices contain sensitive information that can potentially prove tremendously lucrative, making the cameras a huge target.

Difficult to secure

Security cameras are connected to both a corporate network and the internet. They routinely capture and transfer large volumes of data to recording systems that exist physically within the organization or in the cloud. A camera’s management system can either be created internally and managed or managed via the device manufacturer’s website. The recording devices (DVR/NVR) process the videos, creating backup files that can be saved on the corporate storage servers (NAS) for varying durations of time, in accordance with corporate policy. These servers are usually managed under the corporate Domain Controller.

A common practice, recommended by many leaders in this space, is network separation for connected IoT devices (or at the very least implementing network segmentation within the network). However, to accomplish this is extremely difficult for network administrators. In their opinion, the time it would take to do this manually outweighs the value. Also, doing this involves high costs within the establishment and operation phases. As a result, what we’re left with is that, by choice or compromise, these cameras stay connected to the internal network.

More information

Another reason these devices are so difficult to secure is because most IoT devices are installed with the manufacturer’s firmware by default. This presents its own set of weaknesses; like software vulnerabilities originating from bugs or poor software engineering. And to top it off, fixing or updating the firmware always requires a code update. IoT device manufacturers are not security experts by any means and many of them prefer to provide lean software while skipping key principles of writing secured code.

Keep reading this story here. Lastly, to receive cutting-edge cyber security news, insights, best practices and analyses in your inbox each week, sign up for the CyberTalk.org newsletter.