Stopping Surveillance 'Videojacking'

Author: John Honovich, Published on Feb 16, 2011

A rising fear among security professionals is that surveillance video can be 'hijacked' and put on the Internet, resulting in embarassment or worse for the organization involved. A number of people are calling for more sophisticated and secure techniques to protect surveillance video. Unfortunately, such techniques do little to address the real risk and key threats to surveillance video.

A good example of the common but faulty recommendations offered can be found in a Feb 2011 Retail Solutions Online article where end to end encryption from the camera through the monitoring client is advocated. While this is technically possible (in at least some systems) and may be important for proving the validity of evidence in court, it does little to address the threat of videojacking.

**** ** *** ****** **** *** *********** ** ******* ************* are ****** *** ****** ****** - ****** ******** ********* ** incident (*.*., ********** ****** *****) ** ** ******* *** ****** ** * ******** ******* surveillance ***** (*.*., *************** ******** ****). ****** ******* ** **** *** ***** *** ** ******* and ***** ************ *****.

****** *** * **** **** ********* ****** ******* ******* ************ video **** *******. **** ******, *****'* ** **** ** ** a ********** ****** ** ******* ****** ** ****** *** *****. Just ** ****** *** ******** ** *** ******** ********** ****** and ***** ****** ** **** *****. ** ********, ******* ************ systems ** * *** ** **** *** ********** ****** **** compared ** **** **** *** *** ****** ** * ********* network (*** *** ******/********** **** ******* ** ******* * ***** ****?).

** **** ****** ** ******, ** *** * *********** *******:

  • ********** ******** ****** **** ****** ****** ** ***** ***** ***** is ************
  • ********** ****** ******* ** ***** ************ *******

*** ***** ****** ** ********* *** ******** ****** *** *** in * ******* ******** ****. ** ****, *** ****** ******, controlling ****** ** ************ ******* ** ***. **** ***** ***** their ************ ********** ******** ** *** ***. ***** **** ********* convenience *** ** ***** ********* ** *** ****** ******* **** in ** ****'* ********* ** * ********, ************ ****** ***** that ******* **** * ***** *** ******* ************ ***** ** a ******. 

******* ** ******** ****** ******* ******** *** ****** ** ********* to ****** ******** ***** *** ************* ****** *** ***** ***** inactivity. ******* ********* *** **** *****, ** ************, *** ***** users ***** ****** ********/********* ('*****' *** '*****' ** '*****' ** 'admin'). **** ***** ******** ********* ********* ***** ********** *** ****** that ******** ****** ****** *** ******.

******* ** ****** ******, ******** ************ **** *** ** ****. The **** ********* *** ** ****** **** ** ******* ******** access ******* ** *****, *** **********.

Login to read this IPVM report.
Why do I need to log in?
IPVM conducts unique testing and research funded by member's payments enabling us to offer the most independent, accurate and in-depth information.

Related Reports

Axis Criticizes OEMs: "When You Buy An Axis Camera, An Axis Camera Is What You Get!" on May 19, 2017
When you buy a Honeywell camera, you likely get a Hikvision, Dahua or some other company's product. The same goes for easily 100 different...
Hackable 125kHz Access Control Migration Guide on May 19, 2017
Despite being one of the most popular credentials, 125 kHz credentials are easily copied and insecure as we showed in our test results, video...
Shark Tank Startup Guard Llama Mobile Panic Tested on May 16, 2017
A Shark Tank TV show appearance has attracted big attention for Guard Llama, a security startup touting a 'panic button' paired with mobile app...
Cisco: Hikvision Hired Us on May 15, 2017
The day after Hikvision's backdoor was confirmed by the US Department of Homeland Security, Hikvision issued a press release about a...
Hikvision Blaming Backdoor On Others, Cannot Hide From DHS on May 11, 2017
Numerous Hikvision employees are blaming their backdoor on others but Hikvision cannot hide from the US Department of Homeland Security. Blaming...
Burglar Alarm Partitions Guide on May 10, 2017
Many burglar alarm systems have a single designated level of access for users. A user can arm or disarm the entire alarm by entering a single code....
Hikvision Backdoor Confirmed on May 08, 2017
The US Department of Homeland Security's Industrial Control Systems Cyber Emergency Response Team (ICS-CERT) has issued an advisory for...
Arming States For Burglar Alarms on May 04, 2017
Burglar alarms give the user the ability to choose how much of their alarm is active at any time. Activating alarm sensors on windows and...
Duress Codes For Alarms Systems on May 02, 2017
An alarm system can call for help in the event of an attempted break in, but only if it is armed. If an adversary forces an authorized user to...
Hack Your Access Control With This $30 HID 125kHz Card Copier on May 01, 2017
You might have heard the stories or seen the YouTube videos of random people hacking electronic access control systems. The tools that claim to do...

Most Recent Industry Reports

Axis Criticizes OEMs: "When You Buy An Axis Camera, An Axis Camera Is What You Get!" on May 19, 2017
When you buy a Honeywell camera, you likely get a Hikvision, Dahua or some other company's product. The same goes for easily 100 different...
Hackable 125kHz Access Control Migration Guide on May 19, 2017
Despite being one of the most popular credentials, 125 kHz credentials are easily copied and insecure as we showed in our test results, video...
Forget The Backdoor, "ALL HIKVISION PRODUCTS" On Sale on May 18, 2017
Less than 2 weeks after the Hikvision Backdoor was confirmed, Hikvision has launched a sale "ON ALL HIKVISION PRODUCTS". In this note, we examine...
Amazon Techs Installing IP Cameras Tested on May 18, 2017
In 2015, Amazon started offering video surveillance installation. Now, Amazon has made it a lot easier, with automatic add-on options and...
Hanwha Recorder Vulnerability Analyzed on May 18, 2017
ICS-CERT has released a vulnerability notice for Hanwha SRN-4000 recorders.  Hanwha provided additional information to IPVM about this issue,...
ShotSpotter To IPO, Facing Low Revenue and Losses on May 17, 2017
A rare event for North American security manufacturers is upcoming. ShotSpotter is planning to IPO on the NASDAQ, aiming to raise $34.5...
DMP Video Doorbell / Access Reader Examined on May 17, 2017
Consumers increasingly demand video doorbells, with "doorbells selling like hotcakes, everyone wants a doorbell", according to ADT's CEO. At ISC...
FLIR Is Giving Away $3,000 Demo Kits on May 17, 2017
Everybody likes free stuff, and FLIR is using that concept to attract dealers by giving them $3,000 worth of demo gear for attending a...
Shark Tank Startup Guard Llama Mobile Panic Tested on May 16, 2017
A Shark Tank TV show appearance has attracted big attention for Guard Llama, a security startup touting a 'panic button' paired with mobile app...
Axis Beats Avigilon Growth Rate (AVO Q1 2017) on May 16, 2017
In what is likely the first time ever, Axis beat Avigilon's revenue growth for Q1 2017. Inside this note, we examine Avigilon's Q1 2017 financial...

The world's leading video surveillance information source, IPVM provides the best reporting, testing and training for 10,000+ members globally. Dedicated to independent and objective information, we uniquely refuse any and all advertisements, sponsorship and consulting from manufacturers.

About | FAQ | Contact