IP Camera Trolling - Cybersecurity Showcase

Author: John Honovich, Published on Nov 09, 2015

If you want to convince your customers about the importance of cybersecurity and the risk of being the next Hikvision, Foscam or Trendnet, show them 'IP Camera Trolling'.

Physical security professionals are largely indifferent to cybersecurity, as the industry's response to yet another Hikvision Hacking Scandal shows. And major vulnerabilities remain in Tri-Ed and Anixter's cameras.

But these videos bring the risk home.

Trolling Video

In this video, the hacker plays games with a man who has a Foscam camera at his desk, taunting him while the victim calls Foscam tech support:

Don't miss the 3:50 mark where the manufacturer tech support rep reminds the user that the camera has no password by default. Yikes.

That one is definitely the most famous and most viewed but there is a small underground set who do this for fun.

NSFW

The other videos are definitely not safe for work as they use foul and sexually explicit language to attack unsuspecting people at their homes.

Get Video Surveillance News In Your Inbox
Get Video Surveillance News In Your Inbox

In the NSFW video below, a guy harasses a couple in their kitchen:

In the NSFW video below, another guy wakes up a couple in the middle of the night:

More Trolling

There are easily dozens of more examples on YouTube, scan them here. People are treating it like the prank phone call of the 21st century.

How It Is Done

Most of these are likely simple hacks, looking for IP cameras publicly available on the Internet, with default username / passwords. Things like Shodan are common tools for doing so.

This is certainly not the only risk, simply the most basic / visible. For another recent example, see Botnet Of 900 IP Cameras Launch DDOS Attack.

Limitations

The reality is that such hacks are extremely uncommon statistically and that taking basic precautions, like not allowing your cameras to be publicly accessible and ensuring a strong password is used will reduce the risk significantly.

Showcase

However, showing / watching these videos gives a much more vivid picture of the risks / issues that can go wrong when your cameras are accessed.

 

2 reports cite this report:

Video Surveillance Manufacturers Risk Lawsuits For Botnet Attacks on Oct 24, 2016
The unprecedented scale of internet outages on October 21st from botnet attacks risk triggering lawsuits against video surveillance manufacturers,...
Arecont and Bosch - Default Security Risk on Dec 14, 2015
Default passwords are a major security risk, enabling hackers around the world to access and control devices like IP cameras (using Shodan, turning...
Comments (7): PRO Members only. Login. or Join.

Related Reports on Hacking

New Whole Foods Installs Hackable Access Control on Feb 21, 2018
Whole Foods has built a reputation for high quality. And their 2017 Amazon acquisition has increased that, plus added deep pockets for buying...
Remote Network Access for Video Surveillance Guide on Feb 21, 2018
Remotely accessing surveillance systems is key in 2018, with more and more users relying on mobile apps as their main way of operating the system....
IP Cameras Default Passwords Directory on Feb 09, 2018
Below is a directory of 50+ manufacturer's default passwords. Note: Change Default Passwords Leaving default passwords is dangerous and makes it...
Simplisafe 'All New' Generation 3 Tested on Feb 08, 2018
Feared by the traditional alarm industry, Simplisafe has launched its 'all new' Generation 3 platform that they declare is "Stronger. Faster....
Geovision Unprecedented Security Vulnerabilities And Backdoor on Feb 06, 2018
Cybersecurity vulnerabilities have plagued the video surveillance market. Now, Bashis, discover of the Dahua backdoor, has discovered 15...
US Congressional Hearing Features Hikvision on Jan 31, 2018
A US Congressional hearing asked questions about Hikvision's government ownership and cybersecurity issues, following the WSJ's investigations into...
Chinese Government Backdoor Spies on African Union Revealed on Jan 29, 2018
For 5 years, a Chinese government backdoor was used to spy on the African Union, according to a Le Monde investigative report. As is their...
Worst NVR / VMS Manufacturers 2018 on Jan 29, 2018
These are the manufacturers who integrators reported the most significant problems with. 220+ integrators answered: In the past year, what...
Hacked Hikvision IP Camera Map USA And Europe on Jan 22, 2018
The interactive map below shows a sample of hacked and vulnerable Hikvision IP cameras across the USA and Europe. Hover over a marker to see an...
Chinese Government Hikvision Surveillance System On US Government Network on Jan 18, 2018
Hikvision, the Chinese government-owned manufacturer, has publicly claimed that their products are running on a US government network. Moreover,...

Most Recent Industry Reports

Directory of 30+ LPR / ANPR Providers on Feb 21, 2018
License Plate Recognition / Automatic Number Plate Recognition are a type of video analytics software that can identify and match license / number...
New Whole Foods Installs Hackable Access Control on Feb 21, 2018
Whole Foods has built a reputation for high quality. And their 2017 Amazon acquisition has increased that, plus added deep pockets for buying...
Remote Network Access for Video Surveillance Guide on Feb 21, 2018
Remotely accessing surveillance systems is key in 2018, with more and more users relying on mobile apps as their main way of operating the system....
Visio For Video Surveillance Design on Feb 20, 2018
Many integrators have standardized on AutoCAD for camera layouts but new users may be overwhelmed by its learning curve. Microsoft's Visio...
Health Care Insurance Integrator Benefits Statistics on Feb 20, 2018
How common and how much healthcare coverage is typically provided by security companies? 150+ integrators explained how their companies provide the...
Hikvision Deletes Genetec Support on Feb 20, 2018
There will be no peace between Hikvision and Genetec. A year after Genetec expelled Hikvision (and Huawei, citing Chinese government control...
Change Orders - Sometimes Necessary, Sometimes Unethical on Feb 19, 2018
Change orders are a common element in project sales. Sometimes they are a necessity and appropriate ways to deal with arising issues, but sometimes...
Bosch Merges Video, Intrusion and Access Businesses on Feb 19, 2018
Bosch is merging their "video systems, intrusion detection, as well as its access control and management software business units to form a single...
Why 3VR Failed on Feb 16, 2018
3VR destroyed transformed ~$65 million in VC funding into a $6.9 million exit. The reason they failed is simple. They bet on analytics. They...
"Fear Mongering": Hikvision USA Cybersecurity Director Dismisses Chinese Government Ownership Concerns on Feb 16, 2018
The facts are: The Chinese government created Hikvision and is Hikvision's controlling shareholder. Hikvision's Chairman, a Communist Party...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact