IP Camera Trolling - Cybersecurity Showcase

Author: John Honovich, Published on Nov 09, 2015

If you want to convince your customers about the importance of cybersecurity and the risk of being the next Hikvision, Foscam or Trendnet, show them 'IP Camera Trolling'.

Physical security professionals are largely indifferent to cybersecurity, as the industry's response to yet another Hikvision Hacking Scandal shows. And major vulnerabilities remain in Tri-Ed and Anixter's cameras.

But these videos bring the risk home.

Trolling Video

In this video, the hacker plays games with a man who has a Foscam camera at his desk, taunting him while the victim calls Foscam tech support:

Don't miss the 3:50 mark where the manufacturer tech support rep reminds the user that the camera has no password by default. Yikes.

That one is definitely the most famous and most viewed but there is a small underground set who do this for fun.

NSFW

The other videos are definitely not safe for work as they use foul and sexually explicit language to attack unsuspecting people at their homes.

Get Video Surveillance News In Your Inbox
Get Video Surveillance News In Your Inbox

In the NSFW video below, a guy harasses a couple in their kitchen:

In the NSFW video below, another guy wakes up a couple in the middle of the night:

More Trolling

There are easily dozens of more examples on YouTube, scan them here. People are treating it like the prank phone call of the 21st century.

How It Is Done

Most of these are likely simple hacks, looking for IP cameras publicly available on the Internet, with default username / passwords. Things like Shodan are common tools for doing so.

This is certainly not the only risk, simply the most basic / visible. For another recent example, see Botnet Of 900 IP Cameras Launch DDOS Attack.

Limitations

The reality is that such hacks are extremely uncommon statistically and that taking basic precautions, like not allowing your cameras to be publicly accessible and ensuring a strong password is used will reduce the risk significantly.

Showcase

However, showing / watching these videos gives a much more vivid picture of the risks / issues that can go wrong when your cameras are accessed.

 

2 reports cite this report:

Video Surveillance Manufacturers Risk Lawsuits For Botnet Attacks on Oct 24, 2016
The unprecedented scale of internet outages on October 21st from botnet attacks risk triggering lawsuits against video surveillance manufacturers,...
Arecont and Bosch - Default Security Risk on Dec 14, 2015
Default passwords are a major security risk, enabling hackers around the world to access and control devices like IP cameras (using Shodan, turning...
Comments (7): PRO Members only. Login. or Join.

Related Reports on Hacking

No Hack, Still Liable, Court Finds ADT on Jun 20, 2017
Recently, ADT has been in the news for a $16 million settlement for a cyber security vulnerability class action suit. One of the most important...
How To Hack Your Company's Hikvision Recorder on May 29, 2017
Here's how easy it is to hack your company's Hikvision recorder: It does not matter how hard or secret the admin password is. Hikvision will...
Anti-Hack Access Card Shields Tested on May 26, 2017
Keeping your access control card information secure is becoming a big priority, especially since cheaper copiers can hack details easily. Multiple...
Axis Criticizes OEMs: "When You Buy An Axis Camera, An Axis Camera Is What You Get!" on May 19, 2017
When you buy a Honeywell camera, you likely get a Hikvision, Dahua or some other company's product. The same goes for easily 100 different...
Hackable 125kHz Access Control Migration Guide on May 19, 2017
Despite being one of the most popular credentials, 125 kHz credentials are easily copied and insecure as we showed in our test results, video...
Cisco: Hikvision Hired Us on May 16, 2017
The day after Hikvision's backdoor was confirmed by the US Department of Homeland Security, Hikvision issued a press release about a...
Hikvision Blaming Backdoor On Others, Cannot Hide From DHS on May 11, 2017
Numerous Hikvision employees are blaming their backdoor on others but Hikvision cannot hide from the US Department of Homeland Security. Blaming...
Hikvision Backdoor Confirmed on May 08, 2017
The US Department of Homeland Security's Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has issued an advisory for...
Hack Your Access Control With This $30 HID 125kHz Card Copier on May 01, 2017
You might have heard the stories or seen the YouTube videos of random people hacking electronic access control systems. The tools that claim to do...
Last Day - IP Networking Course May 2017 on Apr 26, 2017
Today is the last day to register for the May IP Networking Course. This is the only networking course designed specifically for video...

Most Recent Industry Reports

Importance of Sales To Integrators - Statistics on Jun 23, 2017
One of the top trends in the industry over the past few years has been the rise of across-the-board sales (e.g.: Hikvision Sales, Dahua Sale,...
Deep Learning Surveillance Startups Deep Problem on Jun 23, 2017
The undeniably good news for the video surveillance market is that we are seeing the rise of more startups than in many years. The cause of this...
Avigilon Announces RADAR-Based Presence Detector on Jun 22, 2017
RADAR is gaining momentum within physical security. Two months after Axis announced a network radar detector, Avigilon has announced a RADAR-Based...
Covert Cloud Camera Service Launching (KJB) on Jun 22, 2017
Cloud IP cameras, for consumers, has become increasingly commonplace. However, covert cameras, lag there, with few options. Now, North America's...
Manufacturers Shipping Unlicensed H.265 Products on Jun 22, 2017
While H.265 support in video surveillance is growing, IPVM's research shows that most surveillance manufacturers are shipping H.265 products with...
Uniview Low-Cost Bullet PTZ Tested on Jun 21, 2017
Uniview is offering a HD zoom bullet camera, the IPC742SR9-PZ30-32G, with an integrated pan / tilt positioner, for the price of a low-cost...
QSR Video Surveillance Best Practices on Jun 21, 2017
Fast food restaurants or QSRs (quick service restaurants), are frequent victims of crime and fraud. Because they are open late, deal with cash, and...
45 Drives 'Lowest Cost' Enterprise Storage Company Profile on Jun 21, 2017
45 Drives claims the "lowest cost per Hard Drive Slot in the industry." But who or what is '45 Drives'? What started as a product design to...
No Hack, Still Liable, Court Finds ADT on Jun 20, 2017
Recently, ADT has been in the news for a $16 million settlement for a cyber security vulnerability class action suit. One of the most important...
Resolver / PPM 2000 Incident Management Platform Profile on Jun 20, 2017
You might have seen the company whose employees wear hockey jerseys at trade shows and wondered "what do they do?" PPM 2000 has been active in...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact