Member Discussion

News UK: IP Cameras Cause Invasion Of Privacy

Thought members would be interested. One prominent UK newspaper has printed a full two pages on how IP CCTV is being hacked into for nefarious reasons, resulting in private images of peoples home, family and work lives being uploaded onto the web. They are blaming a failure to change the default password on the camera systems by the user. They have named Hikvision as the prime offender, as they supply the systems causing the threat to data privacy and potential dangers leading from it. Two things occur. Its very negative publicity for IP CCTV and also presumably contractors are failing their clients by not underlining the security risks and explaining the importance of passwork protection.

Bryan, thanks.

I believe this is the story on hacking cameras from the Daily Mail.

This story / theme has been going around for quite some time, including the Hikvision aspect.

I believe the Daily Mail is referring to Shodan as the site enabling hacking.

Btw, this is not an IP camera issue, since essentially all DVRs are Internet enabled the same risks apply across the board.

Also, related, Daily Mail article on hacked webcam playing "I'll Be Watching You".

That's spooky or funny, depending on one's perspective, but it's not a huge practical problem.

I think it will become one if / when hacking cameras starting being used as part of a burglary or other physical crime.

Shodan will show plenty of devices with insecure cameras and you can watch someone's lawn.

Viewing them is one thing, getting shell via telnet and subverting the video is a totally differnet ball game.

There are plenty of products out there with open telnet and common root passwords that are ripe for attack. Or default users and admin back doors.

Those silly CCTV hacks you see in movies like pausing the video?
You could go do that today with some IP cameras and DVR's on Shodan via telnet

Telnet should not be present on a device in this day and age.