Pierluigi Paganini
October 10, 2023
After the Hamas attacks on Israel, the cyber war has also started between both sides and their supporters. Hacktivists have already targeted SCADA and ICS systems in Israel and Palestine, and other exposed systems are their next potential target.
The Cybernews research team has found at least 165 exposed internet-connected RTSP cameras in Israel and 29 exposed RTSP cameras in Palestine, which are open and accessible to anyone. Many more could be vulnerable.
RTSP stands for real-time streaming protocol. While this communication system is useful for transferring real-time data, it offers neither encryption nor lockout mechanisms against password-guessing.
“Only basic skills are needed for a bad actor to find a camera and brute-force login credentials, as well-known software tools and basic tutorials have long been in the wild. Exposed RTSP cameras can pose several risks and dangers in a cyberwar scenario,” researchers warn.
There are at least 37 exposed RTSP cameras in Tel Aviv, 16 in Potah Tiqva, and 13 in Rishon LeZion.
In Palestine, most of the exposed cameras are in the West Bank, which may be related to Israel’s electricity blockade in the Gaza strip.
The first and most significant risk of exposed IP cameras is hackers gaining access. This would allow them to view live feeds and record footage, which could be used for surveillance, reconnaissance, or gathering sensitive information.
“Exposed cameras can invade people’s privacy if they are located in private or sensitive areas. Personal information, daily routines, or confidential conversations may be recorded and misused. This information could be used for intelligence gathering, espionage, or blackmail,” researchers write.
While individuals are at risk, it’s organizations or even government facilities that cyber adversaries are mainly interested in. Access to their RTSP cameras may provide a foothold for attackers to penetrate the network that the cameras are connected to. Once inside the network, they could move laterally to compromise other systems or steal data.
“Attackers might manipulate camera feeds to show misleading information, creating confusion or panic. For example, altering security camera footage to hide a break-in or to make it appear as if an event occurred when it did not,” researchers warn.
Also, like any other smart device, exposed cameras could be exploited by cybercriminals building botnets for denial of service (DDoS) attacks or any other malicious activities.
Therefore, the owners of exposed devices carry the responsibility not only for their own security but also for protecting the community.
Separation and encryption, along with solid credentials, are the strategies that Cybernews researchers recommend to secure RTSP cameras.
In the best case, all security or other IP cameras should be connected to a separate protected subnet with end-to-end encryption, or WPA2 (Wi-Fi Protected Access 2), if the network is wireless.
More info at the original post at: https://cybernews.com/security/exposed-security-cameras-pose-risk-in-israel-palestine/
You can read Cybernews’ research on exposed RTSP cameras worldwide for more details about the risks.
About the author: Ernestas Naprys at Senior Journalist Cybernews
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – security cameras, Israel)
