Motivations *** ******
**** ***** **** *** carried *** ** ********** devices **** **** *** done *** * ** 3 main *******:
- ** ***** ***** ******, typically ** ********** ** obscure ** ******* ******** in * ****** ** order ** **** ***** abilities *** ***-***** *******
- ** *** *** ****** devices ** * ****** to ****** **** ***** target, ** *** ******* resources (********* **** **** ** Worst ******* ****** ****).
- ** ***** ******* ***** and ********** *** ******/***** of *** ****** ("*** the **** [**** ** longer *********]")
** **** ****, *** hacked ******* *** *** default ** **** ***** passwords, ***** ***** ****** #1 ********, ***** ** not * *** ** skill ******** ** ***** attacks. ** **** ***** has **** ** *********** of *** ****** ******* being **** ** *******, but *** ******* ***** be ******* ** ***** a ****** ****** ** units ****** ********* * botnet ******. ** ** also ******** **** ** being **** ** **** attention ** *** **** security *** **** ** compromise ** ***** *****.
Botnet ********
** *** ******* *** turned **** * ******, they **** ********** **** to ******* ** * C&C (******* *** *******) server ** ******* ************. Additionally, *** ****** ****** would ****** **** *** botnet *** ** ****** who **** ** *** it ** ****** ***** sites. ** **** ****** get ******** **** *********** the ******, ** ******* it *** *******, *** chances ** ** **** someone ************* ******* *********** about **********, *** **** can ** **** ** trace **** ** *** person(s) ****** *** ******. This ** *********** *** the******* ****** * ***** botnet **** ***** ** ******** ********** ***** Krebs.
Lulz ********
** *** ******'* ******* motivation ** ** ******* systems, ** *** ** much ****** ** ***** them ****. ** ********* script ***** ** ****** on * ** **** hacked *******, *** ** probe *** ******** *** vulnerable *******, *** **** carry *** *** ****** automatically. *** ******** ***** have ****** **** ** be *********** ********, ** to **** ********** ***** to ******, ******** *** chances ** **************.
Anti-Hikvision **********
**** ********* ******************* * *** ********, that *** ****** ***** be ******* ***:
******** ********* *** ****** everyone ** ****** ***** devices **** ******, ******* it ***** ***** * PR ********* *** *********.
***** *** ******* ********** of **** **** **** support *** ******. *** example, ******** *** ***** password ****** ***** ** be ****** *** ** their *** *******, **** could ** * "*** the ****" ****, ** it ***** ** *******/** organization **** ************ ***** to ******* ********* ***** and **** *** ************* of *** ********* ** attention. ****, ** *** damaging *** ****** (********* configurations, ******* *****, ******** camera ********, ******** ***** user ********) *** ********* are *** ******* *********** harm. *******, ********* *** forced ** **** * notification that **** *** ******** yet ******* ******** ******** [link ** ****** *********], generating ******** *****.
Extent ** **** *******
** ****, ** *********** have ******** ************* **** hack, ** **** **** might ** ********* ****** changing *** ***** ******** and ****** *** ****** account. ****** **** *********** on **** ****, ** anything, ** ***** **** as **** ** **** could **** ********** *** motivation ** *** ******(*), and ******* ***** ** their ********.
Likelihood Of ******* ******
****** ***** ** * major ***** ** *** attacks, *** ******(*) ****** this *** ** ********. The ***** **** ******** enough ******** ** **** awareness ** *** ******** industry, *** **** *** been ***** ****** ** targeted ****** ** **** widespread ********. **** *** reduce *** ******* **** security *********** **** *** time ** *********** **** or ******** ********* ** gathering **** ***********, ***** reduces *** ******* *** hacker ** ******.
Hikvision *************
********* ** ********* ************* this ** *** *** find *** ****** *** prevent **** ******* **** being ******. **** *** be **** ** ***** a ******** **** * ********** ***, or ******** ******* ******** machines **** *******/***** ** gain **** ******* **** what *** ******** ****** beyond *** ***** ********, where *** ******* ********* from, ** ** *** affected ******* ******* ** communicate **** ***** ******* for ********** ************. **** information ***** **** ****** the ******'* ********.
Request For ***********
** *** **** *********** on ****** *** *** hacker ** ** *** ******* of *** **** ***, please ******* ** ** info@ipvm.com
Comments (88)
Jim Kirk
I have 8 Hikvision cameras and 1 Hikvision NVR on my LAN. I have one router on my LAN and the router is connected to the internet. I assign fixed LAN IP address to all 9 Hikvision devices.
It seems like the only thing a user can do is be sure the default password for "admin" is changed on all their Hikvision devices and also change the default internet port if you use a router with port forwarding.
For example, I changed the default internet access port of each of my devices to something like 80xx (vs 8000) where xx is the last two digits of the device's IP address on the LAN.
If all the Hikvision cameras on the LAN are used as an input to a LAN NVR (e.g. Hikvision NVR) you could just have the LAN port on the NVR forwarded (say 80yy rather than 8000) and leave all the individual camera ports not forwarded. You still get full internet access to all cameras when you use the internet and log into the NVR.
I'd love to change the username in addition to the password for "admin" but I haven't been able to do that on my Hikvision devices. Can this be done?
I'm open to any other things I might do to make my Hikvision devices less vulnerable to being hacked.
Jim
Undisclosed Manufacturer #2
Scenario 5: This issue was revealed as a smoke screen. While Hik looks transparent and responsible, the real backdoors are still wide open to the dictators who run the company.
Undisclosed #3
I would place my bets on the 'for the lulz' with access to run their own botnet unassisted, deploy and run away. As long as the vulnerability is fashionable it will attract many curious entities with many agendas. Unfortunately we will benefit as smart devices, IoT and public computing is thwarted, the final outcome is a better more efficient configuration or protocol to follow. We are in the infant stages, before all was open and you were free to play if you knew how. As we grow up we must understand that a security based foundation is needed before a sales and production rollout. It is not a matter of design it is a matter of rule.
Marty Calhoun
I have my bet on a competitor who is at best 'grabbing for straws' in an elusive yet feeble attempt to discredit the hard working and always generous folks over at HIKVISION. It is clear that no 'credible hacker' would waste his time chasing down some DVR not even knowing what he 'might' see on the other end. Why not open some fake bank accounts? Much more lucrative for sure. I've always wondered myself through all of these supposed 'crises' that seem to occur weekly just what a hacker will gain sneaking into unknown DVRs and NVRs? I suppose one could surmise some lame attempt at a Ransom situation if one ran across a 'checkmate' scenario but that in itself is a stretch so what is the advantage to be gained UNLESS you are a competitor and just 'suturing the pot' because you have lost so much business the last couple years. I mean really, sitting around in some back dark room trying to hit an open DVR and voilà you get lucky, then what? It's someone's back door, a sidewalk, a street corner or a barking dog? Big deal. Then what? It is made out to seem like hacking these units is a 'world class feat' and will offer great riches but in reality you see some video of somewhere you don't even know, have no clue in hell where it is, or what it is or anything else.....WTF?
So let's surmise here....one of the largest manufacturers in the world, employing many thousands of good hard working citizens is superstitiously slipping in the backdoor of the DVR and NVR units to cause what ill? What ill can you cause? For what gain? Humans do things to gain some advantage, explain the advantage please? Oh yeah, can't log in to see the dog I forgot....
Undisclosed #1
Uh... what he said.
Undisclosed Manufacturer #4
Fight fire with fire by creating a fireline.
Undisclosed #1
Who is hacking Hikvision devices?
At this rate it may be easier to ask who isn't?
Undisclosed Integrator #5
Just a note to say that we had 14+ NVRs "User account locked out" issues over the weekend.
UK-based and Dahua - NOT HIK.
Doesn't seem to be limited to Hikvision kit...
Undisclosed Integrator #9
Correct me if I'm wrong but I think any one of us could try to hack Hikvision devices. Get yourself an Angry IP Scanner and scan the Internet for devices that expose port 8000 open and try the default username and password. After that, if someone didn't change their default username and password, you have full access to the system. Some probably are going to change the username and password just to be malicious.
On the other hand, what hacker would change the username and password if they wanted to use those devices as botnets? They would most likely leave the password untouched. They wouldn't be willing to be discovered at all and would hijack the system in such a way that nobody would notice.
Undisclosed Manufacturer #10
www.insecam.org
Undisclosed Distributor #12
Where is the inside job option on the poll?
Undisclosed #3
I like that you think about magicians, sums it up for me!
Undisclosed Integrator #9
Let's assume that scenario of hackers hijacking Hikvision devices to use as botnets. They change the password and lock out the users. To gain access back to the devices you send the serial number of the device to the mfg or distributor and get the code to gain access back to the devices. How does it affect the botnet that may have been installed on the device? Doesn't it still run? How do you make sure that whatever the hacker did is gone from your system? Do you have to reset the device to factory settings? And if so, does it really clean the system or just reload the firmware without touching the OS?
Attila Szucs
I'm quite surprised, as they claim so many times that they have thousands of engineers.
They don't have an ethical hacking team?
Andrew Tierney
Ethical hackers aren't really what these products need though.
These are engineering failures. They need a security team and to adopt a secure development lifecycle.