Inexpensive WiFi cameras are widely available over the internet. That might sound compelling, but it’s important to understand their security holes and the risk they bring to your network.
Pierre Kim, an IT security blogger, has recently discovered 1,250 different camera models that are modified and branded by hundreds of companies.
These cameras have many vulnerabilities:
- They contain backdoor accounts that will allow the manufacturer full access to your information
- They connect to the cloud for the mobile app using clear text passwords
- Anyone who has the serial number of the camera can access that camera
If you have a camera on this list, Kim recommends immediately removing it from the Internet and disposing of it. Kim states, “I advise to IMMEDIATELY DISCONNECT cameras to the Internet. Hundreds of thousands of cameras are affected by the 0day Info-Leak. Millions of them are using the insecure Cloud network.”
Furthermore, Kim implies that the millions of cameras actually include bonnet code already: “This “cloud” protocol seems to be more a botnet protocol than a legit remote access protocol and has indeed weakness (everything in clear text, i.e. an attacker can attack cameras within the cloud and leverage potential access to hack internal networks).”
We recommend doing your research before purchasing new cameras – don’t buy cheap cameras from unknown manufacturers. Purchasing from a trusted source, even if it’s more expensive, will benefit you in the long run.
Other posts that might interest you
New Gmail Feature = Phishing Risks
Google is rolling out a redesign of its Gmail service, but federal cyber security authorities are voicing concerns over one particular new feature. This feature is called, “Confidential Email.” Confidential…
July 20, 2018
Windows Patching
Windows recently rushed out security patches to fix their operating system, creating even more headaches for their customers. It’s no wonder most customers are switching to cloud-based services where they…
April 2, 2018
145,000 DVRs Compromised
Several articles, including one by the Wall Street Journal, have recently reported that approximately 145,000 hacked DVRs and cameras were used to create some of the largest denial of service…
September 30, 2016