IP Camera Trolling - Cybersecurity Showcase
By John Honovich, Published Nov 09, 2015, 12:00am ESTIf you want to convince your customers about the importance of cybersecurity and the risk of being the next Hikvision, Foscam or Trendnet, show them 'IP Camera Trolling'.
Physical security professionals are largely indifferent to cybersecurity, as the industry's response to yet another Hikvision Hacking Scandal shows. And major vulnerabilities remain in Tri-Ed and Anixter's cameras.
But these videos bring the risk home.
Trolling Video
In this video, the hacker plays games with a man who has a Foscam camera at his desk, taunting him while the victim calls Foscam tech support:
Don't miss the 3:50 mark where the manufacturer tech support rep reminds the user that the camera has no password by default. Yikes.
That one is definitely the most famous and most viewed but there is a small underground set who do this for fun.
NSFW
The other videos are definitely not safe for work as they use foul and sexually explicit language to attack unsuspecting people at their homes.
In the NSFW video below, a guy harasses a couple in their kitchen:
In the NSFW video below, another guy wakes up a couple in the middle of the night:
More Trolling
There are easily dozens of more examples on YouTube, scan them here. People are treating it like the prank phone call of the 21st century.
How It Is Done
Most of these are likely simple hacks, looking for IP cameras publicly available on the Internet, with default username / passwords. Things like Shodan are common tools for doing so.
This is certainly not the only risk, simply the most basic / visible. For another recent example, see Botnet Of 900 IP Cameras Launch DDOS Attack.
Limitations
The reality is that such hacks are extremely uncommon statistically and that taking basic precautions, like not allowing your cameras to be publicly accessible and ensuring a strong password is used will reduce the risk significantly.
Showcase
However, showing / watching these videos gives a much more vivid picture of the risks / issues that can go wrong when your cameras are accessed.