A naukri.com initiative
Securityaffairs
2d
297
Image Credit: Securityaffairs
Exposed eyes: 40,000 security cameras vulnerable to remote hacking
- Over 40,000 internet-exposed security cameras worldwide are vulnerable to remote hacking, posing serious privacy and security risks.
- Bitsight alerts about the vulnerability of security cameras to remote hacking due to unsecured HTTP or RTSP access, enabling live feed streaming that can be easily targeted for spying, cyberattacks, and stalking.
- Identification of HTTP-based security cameras is complex due to diverse models; researchers developed a fingerprinting method using favicon hashes, HTTP headers, and HTML titles.
- Many HTTP-based cameras allow unauthenticated access to live footage through specific URIs like /out.jpg, which poses a significant privacy risk by bypassing authentication.
- RTSP-based cameras lack clear identifiers, making them harder to fingerprint; researchers analyzed RTSP Server headers and common URIs like /live.sdp to capture screenshots.
- Bitsight's internet scan revealed over 40,000 exposed cameras, mainly in the U.S., with the Telecommunications sector having the highest exposure due to extensive consumer use.
- The risk of privacy breaches and security threats extends to various sectors, including technology, media, utilities, business services, and education, as poorly secured cameras provide access to sensitive areas.
- Exposed cameras can capture live footage from homes, offices, retail spaces, factories, and critical areas, enabling spying, robbery planning, and data theft due to insecure setups.
- Bitsight warns of cybercriminals searching for exposed cameras on dark web forums and recommends users to update devices, change default passwords, disable unnecessary remote access, secure connections, and monitor unusual logins.
- The report underlines the significant exposure of devices in the Telecommunications sector, emphasizing the widespread availability of cameras for personal and professional use.
Read Full Article
17 Likes
For uninterrupted reading, download the app