Why IP Camera And Smart Devices Are Soft Target For Hackers? And How To Secure Them

Posted: Mar 16 2017, 2:35pm CDT | by , in News | Technology News

 

Why IP Camera and Smart Devices are Soft Target for Hackers? and How to Secure Them
Photo Credit: Getty Images
 

The IP security camera manufacturing is successfully emerging over the last few years. From home IP security cameras to high-end models, the technology is getting easier and advanced hence more people are installing cameras to keep an eye on their property.Studies reveal that thousands of IP cameras are facing vulnerabilities that make them an easier target for attackers who are looking to spy, steal or planning related criminal activity. You will find the susceptibilities especially in the Wireless IP Cameras. These cameras look quite same physically, and retailers resell them with customized software which is the primary reason for the introduction of vulnerabilities.

These issues are mainly occurring due to the entrenched web server in each camera. According to research, over 200,000 cameras are considered as susceptible. These cameras are affected by the 0day Info-Leak whereas, among them, several are using the insecure Cloud network. The Cloud protocol is fundamentally a set of UDP tunnels that attackers use to send HTTP requests to cameras. As soon as the camera accepts a request, the attacker can easily get the authorizations. Afterward, the future HTTP requests can be sent to CGI files presented by the camera.

Worse consequences can occur if the attacker chains together a series of vulnerabilities. As the custom HTTP server is set up on few cameras, therefore the attacker can bypass the verification to steal identifications, SMTP and FTP accounts. Additionally, with the remote code implementation bug which is in the FTP CGO file of the camera, the attacker can even conduct remote commands against the cameras. The attacker can easily benefit from this vulnerability through local network or Internet.

Subsequently, many of the camera servers lack verification; the attackers can acquire content through TCP port 10554. The big question is how to keep hackers from finding your cameras through Internet?

Here we have listed few tips that will help you secure your IP security cameras.

Update your Camera’s Firmware

Many advanced IP security cameras come up with user-upgradeable firmware. If you find a security vulnerability, you can fix it through a firmware update. You can refresh the camera’s firmware from the admin console. Also, make sure to visit the manufacturer's website to know the version that you are currently using does not contain any vulnerability that can be exploited by hackers. From time to time, the manufacturers can update your firmware with some improvements. The issue arises when the manufacturers find a fault that may reveal the camera to the risk of hacking. In this situation, an update is a must requirement. The manufacturers may also ask you to register your camera so they can update the firmware automatically or else you will need to check the website for new updates. As updating the latest firmware version probably vary for different cameras, so it’s better to refer the camera manufacturer.

Set up your Camera in Local Mode

If the security of the camera is your top priority, then keep it on local network instead of connecting it to the Internet. Also, make sure to assign your camera a non-routable internal IP address. Even though you have assigned a non-routable IP address, still your camera can be unprotected by camera software that may use UPNP to expose the camera to the Internet. Make sure to visit the website and learn how to setup your cameras in the local mode.

Protect your Password

Many IP cameras don't have password protection for video feeds. They might think that you would be running your cameras first and securing them later. However, several people forget to add password protection after the initial setup hence leaving their cameras to all kinds of access. Most cameras do offer the necessary verification so protect your camera with a username and a secure password. Also, make sure to change it periodically to avoid any risk.

Follow the steps to set a password.

1 The first step is to find the local IP address of the internet network that you are currently using. If you have setup your camera, you can open the app and go to camera settings. In camera settings, choose “manually setup” and find your local IP address.

2 Enter the IP address into the address bar in your web browser. After that, log in using the identifications provided by the camera. This will be standard username and password for most cameras.

3 Once you have logged in, you can change the default password.

Turn on WPA2 Encryption

Connect your wireless camera to a WPA2-encrypted wireless network that will prevent wireless spies to connect and access your video feeds.

Place your Camera at the Right place

Avoid putting your IP security camera in those areas of your house where there is a chance of observation by strangers.

Avoid Port Forwarding to your IP Camera

Routers usually come with built-in security that can block some application to access your home network. Some people may select to set up port forwarding for devices e.g. a PlayStation, but it is not recommended specifically for IP cameras. If you are port forwarding to your IP camera, open it and stop it immediately.

Protect your Internet Network

If you have an IP camera at home, then you need to protect your home Wi-Fi. The best and easiest thing you can do to secure your Internet network is to have a strong password that nobody can even think of it. The other best thing you can do is to limit the people who have your Wi-F password. It also includes your friends or close relatives. If you are asked to give the password to someone e.g. the guest staying at your place, so the best option is to change the password later. Access to your home Wi-Fi is not only a threat to your IP security camera but also the computer’s data. So, review your home Wi-Fi password just now and change it to a more secure one.

This story may contain affiliate links.

Comments

The Author

<a href="/latest_stories/all/all/2" rel="author">Luigi Lugmayr</a>
Luigi Lugmayr () is the founding chief Editor of I4U News and brings over 15 years experience in the technology field to the ever evolving and exciting world of gadgets. He started I4U News back in 2000 and evolved it into vibrant technology magazine.
Luigi can be contacted directly at ml@i4u.com.

 

 

Advertisement

comments powered by Disqus