Home security cameras, used against you

25. April 2013 Security 0

smileI know, creepy title. It is true though and already being done every day all over the world. Sergey Shekyan and Artem Harutyunyan, researchers from the security firm Qualys, said the search engine Shodan shows about 100,000 wireless IP cameras that have “little or no emphasis on security.” They held a presentation at the recent Hack in the Box security conference in Amsterdam (view PDF of presentation here) and provide examples and everything one would need to hack a wireless IP surveillance camera. I tested this on my own home security cameras and was able to break into one of them, even though i do not have the default ‘admin’ login. As there is no firmware available to patch this issue, i will be looking at a new camera!

What is Shodan? – Shodan, which stands for Sentient Hyper-Optimized Data Access Network, is the “Google for hackers.” It is essentially a search engine for servers, routers, load balances and computers.  Shodan’s database contains devices identified by scanning the Internet for the ports typically associated with HTTP, FTP, SSH, and Telnet.

So if there is a weak spot in your network (like a wireless IP surveillance camera) someone with malicious intent can find it using Shodan and exploit it as described in the above linked PDF. A lot of people, and more every day, are interested in home security and these types of wireless IP cameras are becoming more affordable and thus sold more often. Though mostly very technical have a look at the PDF and, by the time you are done reading all 35 pages, you will have a good grasp on how insecure certain IP cameras are. When you see some of the code and methods to exploit it you might think to yourself “noone will ever use that on me”. Hopefully you are right. But knowing someone could be doing this to you, maybe even as we speak, do you still feel comfortable and secure?

– See if there are firmware updates available for your camera(s), doesn’t matter which brand or model.
– Disable default admin accounts and create a new one with your own credentials.
– Yes, it’s nice to look at your house while you are on the road but do you réally need to? If your cameras are storing recordings on a local computer or hard drive there is no need to have them connected to the internet (so with an open port out of your home/office network). Close the ports, keep the camera feeds inside your trusted network and review the recorded footage once you come home if you have a reason to.
– If you find out your camera is vulnerable due to poorly written firmware and no updates are available, hope it never gets exploited or move on to another vendor/brand/model that does care about their user’s privacy and patches these types of vulnerabilities when they are discovered.

If it connects to the internet, it is a target. Mac, PC, IP camera, all-in-one printers you name it. Devices connected to the internet can be exploited to steal information, for sport or to ‘enslave’ and use as part of a larger bot net. Whatever the reason, there is always someone out there that may have a use for the online devices and with tools such as Shodan it becomes a lot easier to find them.

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.