Is your surveillance systems really securing your organization?
Yes. I have CCTV for 24*7 Surveillance connected to an NVR, It gives me complete Office movements in my mobile also.
Are you sure there is no other user parallel to your user account ???
There can be. Nowadays based on the surveys, 40-60 percentage of CCTV cameras are prone to Insider attack and External hacks.
An insider attacker can get a complete layout of your network if there your IT dept is vulnerable to social engineering. This is a common scenario in every office, we can do training and regular IT policies updating help us to an extent.
What an External attacker can do on the network.???
Do you have a static IP from your ISP to access the DVR or NVR! By doing Normal IP scan for commonly opened ports of a DVR in the WAN side will pull out all the IP details and camera details of your surveillance system.
A Metasploit module in the Framework, cctv_dvr_login, can discover and test the security of stand-alone CCTV (Closed Circuit Television) video surveillance systems. Such standalone systems are frequently used in common shops, living communities, personal residential places, and business structures as part of their physical security program. Over there, many of these systems are vulnerable to exploitation that can allow attackers remote access. Remote access services are enabled by default in systems, this can allow not only the ability to stream real-time visuals, but also it can give control of the camera’s movements (if supported), and provide access to stored visuals too.
Most of the persons who use CCTV video surveillance systems are may not have any idea about the device’s potential services such as remote access capabilities and monitoring, since they may be using exclusive local video console only. This made an ease to the possibility of attackers gaining/persisting remote access, without any indication to the legitimate end user that their video surveillance systems and stored footage may be accessed remotely.
The CCTV cameras and Routers are shipped with default username and password configured. For example:
Username : admin | password : admin
Username : admin | password : 12345
Username : admin | password : (blank password)
Username : admin | password : 9999
You can find default username and password list trying some googling
Almost all CCTV cameras need a plug-in, one can download this from login page probably. If it is not bundled with the page then we can download it from manufacture website. If the default password is not working then we need to crack it. Where we can use Hydra, it is a powerful tool to crack any passwords.
Can these Hacked CCTV cameras attack Others ???
Yes. Recent studies shows that Cyber attackers had targeted vulnerable CCTV cameras – common Internet-of-Things (IoT) device – to launch Distributed Denial-of-Service (DDoS) attacks. Surveillance cameras and DVRs in commercial places are targeted to make a large botnet that is able to bring down any large websites on the Internet by initiating a crippling Distributed Denial-of-service (DDoS) attacks.
The attackers made this easily possible because CCTV camera operators or administrators are taking a Silly-Billy approach to security perspective of these potential devices and their failure to change default passwords on the devices.
A team of Security researchers from Imperva’s Incapsula had given warning to the public about CCTV Botnet attacks in 2014 March. However, their recent blog post says that Now the DDoS attack peaked at twenty thousand requests per second and all these requests originated from nearly 900 CCTV cameras. Where these cameras are running on Linux based embedded systems and the BusyBox toolkit.
When the team analyzing one of the compromised cameras located in a shopping center, the researchers found that the camera was infected with a variant version of a known malware program known as Bashlite, or Lightaidra or GayFgt, these are specifically designed for Linux ARM versions. It has been found that the most common attack is HTTP GET request flooding, these requests are originated from almost 900 CCTV cameras worldwide. India, China, Iran, Indonesia, US, and Thailand are the targeted countries included, in the list of Botnet infected surveillance.
Those who want to protect their organization against these type of attacks should change default vendor passwords, use strong passwords, filter access to only trusted hosts, and only expose the CCTV system to the Internet if absolutely necessary. In addition, deploy security professionals can use the new latest scanning modules to scan their network for vulnerable systems, because today’s security feature is tomorrow’s security vulnerability.
Some other methods:-
- Update Your Camera’s Firmware
- Keep Your Cameras Local. If you don’t want your camera services to end up on the Internet, then don’t connect them to the Internet.
- Password Protect Your Cameras. Many IP cameras don’t have password protection for video streaming turned on by default.
- Rename or remove Default Admin Account and set a new Admin Password
- If Your Camera is Wireless, Turn on WPA2 Encryption with complex password
- Don’t Put IP Cameras Where it doesn’t want to be. Don’t put an IP cam inside your house where the activities should not be seen by strangers. Always think “if you can see”, then possibly “others can also”