Hacking

3.5m IP cameras exposed, with US in the lead

The number of internet-facing cameras in the world is growing exponentially. Some of the most popular brands don’t enforce a strong password policy, meaning anyone can peer into their owners’ lives.

Original post at https://cybernews.com/security/millions-ip-cameras-exposed/

When you spy on your neighborhood or your cafe customers, do you wonder if someone is watching Big Brother – you, in this case?

Businesses and homeowners increasingly rely on internet protocol (IP) cameras for surveillance. All too often, this gives them a false sense of security: when in fact, threat actors can not only access and watch your camera feed but exploit the unsecured device to hack into your network.

New research by Cybernews shows an exponential rise in the uptake of internet-facing cameras. After looking at 28 of the most popular manufacturers, our research team found 3.5 million IP cameras exposed to the internet, signifying an eightfold increase since April 2021.

While the default security settings have improved over the review period, some popular brands either offer default passwords or no authentication, meaning anyone can spy on the spies.

What is more, the overwhelming majority of internet-facing cameras are manufactured by Chinese companies. And while cosmetic security measures are in place, security leaders have long warned that technologies produced by Chinese companies can be exploited by China’s government.

Surge in internet-facing cameras

When we last did similar research, we discovered over 400,000 internet-facing cameras online. This time, the Cybernews research team found 3.5 million internet-facing cameras.

Since this is a convenient and cheap tool to surveil anything from a parking lot, a warehouse, your doorstep, or even monitor your child’s sleep using a baby camera, it’s not surprising to see a surge in IP camera usage.

While not surprising, the trend is worrying since internet-connected devices might be vulnerable to attacks – threat actors can gain access to the camera’s live feed, collect sensitive data, and launch further attacks on the network.

It is worrying that all analyzed brands have at least some models that allow users to keep default passwords or have no authentication setup whatsoever.

The reign of a Chinese brand

Most of the public-facing cameras we discovered are manufactured by the Chinese company Hikvision: the Cybernews research team found over 3.37 million of its cameras worldwide.

According to our researchers, they have the necessary security practice in place as they force users to create their unique passwords during an initial setup process. Nevertheless, the global popularity of Hikvision cameras has raised some eyebrows and, as is typical with China-manufactured technology, it and other companies are facing a backlash from Western governments.

Recently, the UK parliament instructed government agencies to cease the deployment of Chinese equipment, including surveillance cameras, on to sensitive sites, saying the technology is produced by companies subject to the National Intelligence Law of the People’s Republic of China.

Hikvision’s website advertised optional demographic profiling facial analysis algorithms, including gender, race, ethnicity, and age. Following an investigation by the Guardian, the ad was removed.

In November, the US Federal Communications Commission banned authorizations for Chinese telecommunications and video surveillance equipment, saying that Huawei, ZTE, Hytera, Hikvision, and Dahua are “deemed to pose a threat to national security.”

Most insecure brands

Most analyzed brands (96.44% of the discovered cameras) force users to set passwords or generate unique default passwords on the newest models and firmware versions. While this is a good trend, it doesn’t mean that all the cameras are safe since the lion’s share of these cameras is probably comprised of older models or those operating with outdated firmware using default or weak passwords.

Anyhow, this is a fundamental shift in the trend since last year, when we found that only 5.25% of analyzed cameras asked users to set their passwords.

As of today, 3.56% (127,000) of all analyzed cameras recommend changing the default password but do not enforce it. Sometimes, they don’t even mention it in the initial setup process, with the recommendation being on a blog post instead.

Even more concerning is that over 21,000 cameras did not have any authentication setup, allowing anyone to access them, leaving owners at risk of cyberattack.

According to the research, most public-facing cameras that might be using default credentials are operational in the United States, where we identified over 458,000 such devices.

Germany, which took second place in our research last year, covering over 50,000 cameras, didn’t even make it into the top 10 countries this time.

The second most affected country is Vietnam, with nearly 365,000 cameras, followed by the UK (nearly 250,000).

Visual here: Top 10 Countries with the most internet-connected cameras that could be using default credentials:

If you want to know how to secure your IP camera give a look at the original post published on CyberNews:

https://cybernews.com/security/millions-ip-cameras-exposed/

About the author: Jurgita Lapienytė, Chief Editor

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, IP cameras)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

Cisco addressed high-severity flaws in IOS and IOS XE software

Cisco addressed multiple vulnerabilities in IOS and IOS XE software that can be exploited to…

13 hours ago

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Google's Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively…

19 hours ago

Google addressed 2 Chrome zero-days demonstrated at Pwn2Own 2024

Google addressed two zero-day vulnerabilities in the Chrome web browser that have been demonstrated during…

1 day ago

INC Ransom stole 3TB of data from the National Health Service (NHS) of Scotland

The INC Ransom extortion group hacked the National Health Service (NHS) of Scotland and is threatening…

1 day ago

CISA adds Microsoft SharePoint bug disclosed at Pwn2Own to its Known Exploited Vulnerabilities catalog

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft SharePoint vulnerability disclosed at the…

2 days ago

The DDR Advantage: Real-Time Data Defense

This is the advantage of Data Detection and Response (DDR) for organizations aiming to build…

2 days ago

This website uses cookies.