Contact us today!
866-348-2602

Total Tech Care Blog

Total Tech Care has been serving Florida since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

The Super-Creepy Reason Why You’ll Want to Secure Your Surveillance Camera

b2ap3_thumbnail_dvr_iot_issues_400.jpgWith approximately 5.5 million new devices being connected to the Internet everyday, the Internet of Things presents the biggest security challenge to date for IT professionals. Essentially, an IoT device that’s not secured can easily fall prey to hackers, and with so many different devices being connected, it’s easy to overlook a device or two, like your security cameras.

The creepy risk associated with not securing an Internet-connected security camera was recently reported on by Lisa Vaas of Naked Security. In her article, “DVR snaps stills from CCTV surveillance and sends them to China,” she presents findings from researchers at UK-based Pen Test Partners about the security holes found in the Internet of Things.

For the study, Pen Test Partners researchers analyzed data from Shodan, which is essentially a search engine for Internet-connected devices, like buildings, smart appliances, webcams, and much more. In particular, the researchers used Shodan to look at Internet-connected surveillance cameras.

Before we go into the technicalities of what they found, let’s take a step back and warn everybody who uses a webcam or Internet-connected surveillance camera that even a novice PC user can create a free account with Shodan and use it to search for, access, view, and even control unsecured cameras. We were skeptical of this claim when we first heard about it, but the proof is in the pudding. Check out these stills from random surveillance cameras we came across on Shodan:

ib spy1

ib spy2

ib spy3

ib spy4

These cameras are just random ones that we stumbled upon. However, Shodan has been criticized for giving its users easy access to cameras that are sensitive in nature. Vocativ cites findings by Ars Technica:

These webcams show feeds from sensitive locations like schools, banks, marijuana plantations, labs and babies’ rooms. Shodan members who pay the $49 monthly fee can search the full feed at images.shodan.io. A Vocativ search of some of the most recently added images shows offices, school, porches and the interior of people’s homes. Accompanying each of these grabs is a pinned map that shows the location of the device capturing that footage.

If that doesn’t creep you out, then lets go back and take a look at the even-more-in-depth findings of the first study we mentioned by Pen Test Partners. Vass reports:

The device also has no Cross-Site Request Forgery (CSRF) protection, so attackers can trick users into clicking on links to carry out malicious actions; it has no lock-out, so attackers can guess as many passwords as they like; it sends communications without HTTPS that can be intercepted and tampered with; and there’s no firmware updates, so “you’re stuck with these issues,” Pen Test Partners said. But weirdest of all, the thing is capturing still images from video feeds and emailing them to an address that appears to be hosted in China.

As far as why surveillance images were being sent to China, that’s a mystery that Pen Test Partners was unable to get to the bottom of. We could speculate as to what’s going on here, but at the risk of letting our imaginations run wild and sounding like conspiracy nuts, we won’t. Instead of making wild speculations, we want to communicate that we’re here to help your company secure all of its Internet-connected devices from the prying eyes of everyone on the web.

Are you confident that all of your IOT devices are secure enough to keep hackers out of your network? Do you even know if you have IoT devices on your network transmitting data across the web? Or at the very least, are you sure that random Shodan users aren’t making a highlight reel from your surveillance camera footage? To get a grip on the security of every Internet-connected device on your company’s network, give Total Tech Care a call at 866-348-2602.

 

Comments 1

brenda williamson on Sunday, 08 July 2018 16:29

IoT devices are enhancing the level of security with surveillance camera in home and office.The amcrest 1080p reviews will let the users know about how to install the security camera and how to take the safety measures for the future.

IoT devices are enhancing the level of security with surveillance camera in home and office.The [url=https://homebuyingchecklist.co/reviews/amcrest-prohd-1080p-wifi-ip-security-camera-review/]amcrest 1080p reviews[/url] will let the users know about how to install the security camera and how to take the safety measures for the future.
Already Registered? Login Here
Guest
Thursday, 24 April 2025
If you'd like to register, please fill in the username, password and name fields.

Blog Archive

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!

      Free Consultation
       

      Tag Cloud

      Security Tip of the Week Technology Best Practices Business Computing Cloud Privacy Hackers Productivity Hosted Solutions Software Efficiency Business Google Network Security Microsoft Internet Email Malware Backup Workplace Tips Innovation Data User Tips Computer Mobile Devices Hardware IT Services Disaster Recovery Android VoIP communications Smartphones Business Continuity Communication IT Support Miscellaneous Smartphone Mobile Device Small Business Network Browser Productivity Collaboration Quick Tips Cybersecurity Business Management Users Phishing Upgrade Managed IT Services Windows Data Backup Outsourced IT Ransomware Windows 10 Data Recovery Office Cloud Computing Server Save Money Windows 10 Passwords Gadgets Virtualization Saving Money Holiday Tech Term Social Media Chrome Managed Service Automation Microsoft Office Managed IT Services Computers Artificial Intelligence Facebook Operating System Cybercrime Wi-Fi BYOD Mobile Device Management Networking IT Support Health Hacking Internet of Things Alert Spam Covid-19 Office 365 Information Telephone Systems Information Technology Managed Service Provider Remote Bandwidth Router Recovery Employer-Employee Relationship Social Engineering Mobility BDR Remote Monitoring Mobile Computing Password Money Application App History Encryption Applications Big Data Human Resources Law Enforcement Data Breach Mobile Office Managed IT Blockchain Paperless Office Apps How To Office Tips Training VPN Data Storage Patch Management Government Remote Computing Private Cloud Servers HaaS Flexibility Marketing Bring Your Own Device WiFi Data Management Work/Life Balance IT solutions Entertainment Website Data Security Budget Wireless Infrastructure Voice over Internet Protocol Google Drive Gmail Settings Vulnerability Avoiding Downtime Two-factor Authentication Windows 7 Word Mouse Save Time Vendor Vendor Management Managed Services User Error Display Meetings Staff Software as a Service Telephone System Cleaning Machine Learning Connectivity Remote Work Employee/Employer Relationship Risk Management USB RMM Hacker End of Support Education Physical Security The Internet of Things Safety Lithium-ion battery HIPAA Sports Redundancy Keyboard Firewall Conferencing Data Protection Scam Virtual Reality Apple Social Access Control Computer Accessories Database Data storage Virtual Assistant Unsupported Software Authentication Remote Workers Automobile Charger Processor Wearable Technology Retail Compliance Computing Infrastructure Hard Drives Printer Going Green OneNote Computer Care Instant Messaging Bluetooth Current Events Hard Drive Robot Update Excel Telephony Samsung Biometrics Battery Virtual Desktop Google Docs Computing Identity Theft Shadow IT Value Legal IT Consultant DDoS Spam Blocking Electronic Medical Records Internet Exlporer Humor SharePoint Augmented Reality Fraud Hiring/Firing Digital Signage PDF Customer Service Remote Worker Environment Proactive IT Cryptocurrency Procurement Fax Server Best Practice YouTube Workplace Strategy Net Neutrality Black Market Business Intelligence SaaS Comparison Help Desk Audit Printing Worker IT Management CES Document Management Virus Wireless Technology Botnet Network Congestion Solid State Drive Managed Services Provider How to Downtime Unified Threat Management Business Technology IT Plan eWaste Content Management Monitoring Workers Batteries Millennials Benefits Files Tablets Printers Chromecast Windows 8.1 Smart Office FENG Digitize Wireless Charging Entrepreneur Managing Stress IBM Windows Server 2008 R2 Virtual Private Network Flash Customer relationships Shortcut Workforce Smart Technology Colocation Uninterrupted Power Supply Cameras Email Best Practices IT Assessment Cables Manufacturing Cost Management Supercomputer Social Networking Monitor Software Tips Project Management Sync Computer Tips Nanotechnology Emails Managed IT Service Telecommuting Security Cameras Virtual CIO OneDrive Cortana Biometric Security Digital Signature Reputation Streaming Media Peripheral Running Cable Warranty Digital Security Cameras Netflix Using Data Content Two Factor Authentication Memory Tech Support Printer Server Laptop HVAC Root Cause Analysis Copiers Google Apps 5G Techology Analysis Knowledge Music Customers HBO Quick Tip Administrator Skype Ergonomics Devices Audiobook Smartwatch Touchpad Enterprise Content Management Data loss Development OLED Accountants Leadership Virtual Machine Troubleshooting Science MSP Outlook PCI DSS Microchip Start Menu 2FA Thought Leadership Fiber Optics Politics Credit Cards Employee Advertising Password Management Screen Mirroring Messaging Password Manager Loyalty Cabling Distributed Denial of Service Hypervisor Customer Relationship Management Multi-Factor Security Books Notifications Frequently Asked Questions Policy Search Engine Mobile Dark mode Twitter Windows 10s Trend Micro Analyitcs Programming NIST Cast SMS Business Mangement Default App Smart Tech webinar Saving Time Trending Emergency Relocation Consultant Tip of the week Procedure Analytics Professional Services dark theme Addiction Public Cloud Shopping Amazon Employer Employee Relationship Google Search Video Games AI Antivirus Recycling Assessment IT Infrastructure Practices Worker Commute Bing Windows 8 Best Available Wiring Windows Server 2008 FinTech Tools Cache Social Network Experience IT service Amazon Web Services WIndows 7 Scalability Safe Mode Criminal Television Investment Hosted Computing Employee/Employer Relationships Business Owner Tablet GDPR Employees NarrowBand Windows 365 Wireless Internet Domains Online Shopping ISP Search File Sharing Video Conferencing Public Computer ROI Regulations Sales IaaS Inventory Bitcoin Maintenance Specifications Transportation Shortcuts iPhone Camera PowerPoint Point of Sale Windows Media Player Wire Computer Fan Personal Evernote Rootkit Cryptomining Bloatware User Travel Supply Chain Management

      Top Blog

      The reasoning for this is simple: you want to make sure that operations are proceeding as intended, even if you’re not there. If you completely check out from the workplace every time you leave, you could return from your vacation to a complete and total disaster that may have been prevented with y...
      QR-Code