Eagle Eye Networks

Vulnerabilities in WiFi Cameras

March 14, 2017 Eagle Eye Networks

Vulnerabilities-WIFI-Cameras-FI

Inexpensive WiFi cameras are widely available over the internet. That might sound compelling, but it’s important to understand their security holes and the risk they bring to your network.

Pierre Kim, an IT security blogger, has recently discovered 1,250 different camera models that are modified and branded by hundreds of companies.

These cameras have many vulnerabilities:

  • They contain backdoor accounts that will allow the manufacturer full access to your information
  • They connect to the cloud for the mobile app using clear text passwords
  • Anyone who has the serial number of the camera can access that camera

If you have a camera on this list, Kim recommends immediately removing it from the Internet and disposing of it.  Kim states, “I advise to IMMEDIATELY DISCONNECT cameras to the Internet. Hundreds of thousands of cameras are affected by the 0day Info-Leak. Millions of them are using the insecure Cloud network.”

Furthermore, Kim implies that the millions of cameras actually include bonnet code already: “This “cloud” protocol seems to be more a botnet protocol than a legit remote access protocol and has indeed weakness (everything in clear text, i.e. an attacker can attack cameras within the cloud and leverage potential access to hack internal networks).”

We recommend doing your research before purchasing new cameras – don’t buy cheap cameras from unknown manufacturers. Purchasing from a trusted source, even if it’s more expensive, will benefit you in the long run.

Vulnerabilities-WIFI-Cameras-FI

Tags

Other posts that might interest you

loading

Easily enable single sign-on with Eagle Eye Networks Editions

Businesses that choose to incorporate single sign-on (SSO) and multifactor authentication (MFA) add an extra layer of cybersecurity protection to their enterprise that sets them up for improved security and…

March 21, 2023 Eagle Eye Networks

Cloudflare Security Bug

Eagle Eye Networks does not use Cloudflare - a website performance enhancement service. There was a relatively severe security issue detected by Tavis Ormandy at Project Zero in the Cloudflare…

February 27, 2017 Eagle Eye Networks

Latest Threat: Reaper

Last year Mirai malware hit 500,000 IoT devices and launched DDoS attacks. Now, a new malware has been identified by researchers at CheckPoint that is surpassing Mirai by hitting millions…

November 20, 2017 Eagle Eye Networks