Contact us today!
866-348-2602

Total Tech Care Blog

Total Tech Care has been serving Florida since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

The Super-Creepy Reason Why You’ll Want to Secure Your Surveillance Camera

b2ap3_thumbnail_dvr_iot_issues_400.jpgWith approximately 5.5 million new devices being connected to the Internet everyday, the Internet of Things presents the biggest security challenge to date for IT professionals. Essentially, an IoT device that’s not secured can easily fall prey to hackers, and with so many different devices being connected, it’s easy to overlook a device or two, like your security cameras.

The creepy risk associated with not securing an Internet-connected security camera was recently reported on by Lisa Vaas of Naked Security. In her article, “DVR snaps stills from CCTV surveillance and sends them to China,” she presents findings from researchers at UK-based Pen Test Partners about the security holes found in the Internet of Things.

For the study, Pen Test Partners researchers analyzed data from Shodan, which is essentially a search engine for Internet-connected devices, like buildings, smart appliances, webcams, and much more. In particular, the researchers used Shodan to look at Internet-connected surveillance cameras.

Before we go into the technicalities of what they found, let’s take a step back and warn everybody who uses a webcam or Internet-connected surveillance camera that even a novice PC user can create a free account with Shodan and use it to search for, access, view, and even control unsecured cameras. We were skeptical of this claim when we first heard about it, but the proof is in the pudding. Check out these stills from random surveillance cameras we came across on Shodan:

ib spy1

ib spy2

ib spy3

ib spy4

These cameras are just random ones that we stumbled upon. However, Shodan has been criticized for giving its users easy access to cameras that are sensitive in nature. Vocativ cites findings by Ars Technica:

These webcams show feeds from sensitive locations like schools, banks, marijuana plantations, labs and babies’ rooms. Shodan members who pay the $49 monthly fee can search the full feed at images.shodan.io. A Vocativ search of some of the most recently added images shows offices, school, porches and the interior of people’s homes. Accompanying each of these grabs is a pinned map that shows the location of the device capturing that footage.

If that doesn’t creep you out, then lets go back and take a look at the even-more-in-depth findings of the first study we mentioned by Pen Test Partners. Vass reports:

The device also has no Cross-Site Request Forgery (CSRF) protection, so attackers can trick users into clicking on links to carry out malicious actions; it has no lock-out, so attackers can guess as many passwords as they like; it sends communications without HTTPS that can be intercepted and tampered with; and there’s no firmware updates, so “you’re stuck with these issues,” Pen Test Partners said. But weirdest of all, the thing is capturing still images from video feeds and emailing them to an address that appears to be hosted in China.

As far as why surveillance images were being sent to China, that’s a mystery that Pen Test Partners was unable to get to the bottom of. We could speculate as to what’s going on here, but at the risk of letting our imaginations run wild and sounding like conspiracy nuts, we won’t. Instead of making wild speculations, we want to communicate that we’re here to help your company secure all of its Internet-connected devices from the prying eyes of everyone on the web.

Are you confident that all of your IOT devices are secure enough to keep hackers out of your network? Do you even know if you have IoT devices on your network transmitting data across the web? Or at the very least, are you sure that random Shodan users aren’t making a highlight reel from your surveillance camera footage? To get a grip on the security of every Internet-connected device on your company’s network, give Total Tech Care a call at 866-348-2602.

 

Comments 1

brenda williamson on Sunday, 08 July 2018 16:29

IoT devices are enhancing the level of security with surveillance camera in home and office.The amcrest 1080p reviews will let the users know about how to install the security camera and how to take the safety measures for the future.

IoT devices are enhancing the level of security with surveillance camera in home and office.The [url=https://homebuyingchecklist.co/reviews/amcrest-prohd-1080p-wifi-ip-security-camera-review/]amcrest 1080p reviews[/url] will let the users know about how to install the security camera and how to take the safety measures for the future.
Already Registered? Login Here
Guest
Wednesday, 02 April 2025
If you'd like to register, please fill in the username, password and name fields.

Blog Archive

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!

      Free Consultation
       

      Tag Cloud

      Security Tip of the Week Technology Best Practices Business Computing Cloud Privacy Hackers Productivity Hosted Solutions Efficiency Software Network Security Business Google Microsoft Internet Email Malware Backup Workplace Tips Innovation User Tips Data Computer Mobile Devices Hardware IT Services Android VoIP Disaster Recovery communications Business Continuity Smartphones IT Support Communication Smartphone Miscellaneous Mobile Device Small Business Network Browser Productivity Collaboration Quick Tips Cybersecurity Users Business Management Windows Phishing Upgrade Managed IT Services Outsourced IT Ransomware Data Backup Windows 10 Office Cloud Computing Server Save Money Data Recovery Windows 10 Passwords Saving Money Holiday Gadgets Chrome Social Media Virtualization Tech Term Managed IT Services Automation Microsoft Office Managed Service Operating System Facebook Artificial Intelligence Cybercrime Computers BYOD Mobile Device Management Networking IT Support Internet of Things Hacking Wi-Fi Health Covid-19 Spam Office 365 Telephone Systems Managed Service Provider Information Technology Alert Information Remote Bandwidth Router BDR Social Engineering Mobility Recovery Employer-Employee Relationship Encryption Applications Application Remote Monitoring Law Enforcement App History Big Data Data Breach Password Human Resources Money Mobile Computing How To Remote Computing Mobile Office Data Storage Patch Management Government Blockchain Office Tips Private Cloud Paperless Office Training Managed IT VPN Apps IT solutions Entertainment Website Mouse Budget HaaS Google Drive Vulnerability Avoiding Downtime Windows 7 Word Wireless Servers Gmail Bring Your Own Device Data Management Settings Work/Life Balance Flexibility Infrastructure Voice over Internet Protocol Data Security Marketing WiFi Two-factor Authentication Apple End of Support Managed Services Display Education Physical Security Social Safety USB Data Protection User Error HIPAA Sports Redundancy Employee/Employer Relationship Meetings RMM Keyboard Conferencing Scam Risk Management Hacker Telephone System Staff Software as a Service The Internet of Things Save Time Lithium-ion battery Machine Learning Vendor Management Connectivity Remote Work Cleaning Firewall Vendor Virtual Reality Printer Fraud Shadow IT Bluetooth Remote Workers Value Legal Remote Worker Network Congestion eWaste Processor Spam Blocking Electronic Medical Records Internet Exlporer Cryptocurrency Hard Drive Hiring/Firing PDF IT Consultant Comparison Wearable Technology Proactive IT Computing Humor CES Retail Hard Drives Instant Messaging Best Practice Robot Excel YouTube Black Market Business Technology Business Intelligence Content Management Biometrics Access Control Audit Virtual Desktop Worker Virtual Assistant IT Management Digital Signage Document Management Authentication Wireless Technology Botnet DDoS Solid State Drive How to Downtime IT Plan SharePoint Procurement Data storage Workplace Strategy Unsupported Software Net Neutrality Update Virus Automobile Customer Service Help Desk Charger Google Docs Environment Printing Unified Threat Management Computer Accessories Identity Theft Compliance Computing Infrastructure Going Green OneNote Fax Server Computer Care Current Events Managed Services Provider Telephony SaaS Samsung Battery Augmented Reality Database Twitter Windows Server 2008 R2 Audiobook Search Engine Skype Touchpad Customer relationships NIST IaaS Data loss Business Mangement Maintenance Trending Bloatware Troubleshooting Email Best Practices IT Assessment Outlook Smart Tech Manufacturing Leadership Start Menu Addiction Printer Server Amazon Politics Advertising Computer Tips Managed IT Service Screen Mirroring Recycling Security Cameras Loyalty Tablets Entrepreneur Books Virtual CIO Wiring Notifications OneDrive Frequently Asked Questions Practices Biometric Security Mobile Cache Windows 10s Amazon Web Services Peripheral Digital Security Cameras Safe Mode Using Data Cast Criminal Shortcut webinar Cost Management Emergency Relocation GDPR Copiers Tip of the week Hosted Computing 5G Quick Tip Professional Services Wireless Internet Public Cloud Online Shopping Social Networking Employer Employee Relationship Ergonomics File Sharing Smartwatch Assessment Video Games OLED Specifications Worker Commute Camera Development Windows Server 2008 Inventory PCI DSS Tools Wire Running Cable Virtual Machine Evernote Experience Scalability 2FA Fiber Optics Employee Television Travel Memory Cabling Millennials Business Owner Printers Messaging Consultant NarrowBand Policy Smart Office Hypervisor Analytics Wireless Charging Search Dark mode Trend Micro Public Computer Default App Workforce Transportation iPhone Virtual Private Network SMS Best Available Regulations Procedure WIndows 7 Saving Time Computer Fan Cables Rootkit Science dark theme Shopping Google Search IT Infrastructure Workers Telecommuting Benefits Files Project Management AI Nanotechnology Chromecast FinTech Distributed Denial of Service FENG Cortana Customer Relationship Management Bing Analyitcs Social Network Digital Signature IBM Investment Programming Smart Technology Colocation Warranty Uninterrupted Power Supply Flash Employees User HVAC Employee/Employer Relationships PowerPoint Google Apps Windows Media Player Monitor Windows 365 Software Tips Analysis ISP Supercomputer Devices Antivirus ROI Emails Administrator Video Conferencing Sync Sales Managing Stress Enterprise Content Management Bitcoin Shortcuts Windows 8 Reputation Point of Sale MSP Streaming Media Personal Accountants IT service Cryptomining Thought Leadership Cameras Netflix Credit Cards Content Two Factor Authentication Microchip Tech Support Supply Chain Management Laptop Monitoring Password Management Batteries Root Cause Analysis Password Manager Tablet Techology Multi-Factor Security Music Customers Windows 8.1 Digitize HBO Domains Knowledge

      Top Blog

      The reasoning for this is simple: you want to make sure that operations are proceeding as intended, even if you’re not there. If you completely check out from the workplace every time you leave, you could return from your vacation to a complete and total disaster that may have been prevented with y...
      QR-Code