Contact us today!
866-348-2602

Total Tech Care Blog

Total Tech Care has been serving Florida since 2001, providing IT Support such as technical helpdesk support, computer support, and consulting to small and medium-sized businesses.

The Super-Creepy Reason Why You’ll Want to Secure Your Surveillance Camera

b2ap3_thumbnail_dvr_iot_issues_400.jpgWith approximately 5.5 million new devices being connected to the Internet everyday, the Internet of Things presents the biggest security challenge to date for IT professionals. Essentially, an IoT device that’s not secured can easily fall prey to hackers, and with so many different devices being connected, it’s easy to overlook a device or two, like your security cameras.

The creepy risk associated with not securing an Internet-connected security camera was recently reported on by Lisa Vaas of Naked Security. In her article, “DVR snaps stills from CCTV surveillance and sends them to China,” she presents findings from researchers at UK-based Pen Test Partners about the security holes found in the Internet of Things.

For the study, Pen Test Partners researchers analyzed data from Shodan, which is essentially a search engine for Internet-connected devices, like buildings, smart appliances, webcams, and much more. In particular, the researchers used Shodan to look at Internet-connected surveillance cameras.

Before we go into the technicalities of what they found, let’s take a step back and warn everybody who uses a webcam or Internet-connected surveillance camera that even a novice PC user can create a free account with Shodan and use it to search for, access, view, and even control unsecured cameras. We were skeptical of this claim when we first heard about it, but the proof is in the pudding. Check out these stills from random surveillance cameras we came across on Shodan:

ib spy1

ib spy2

ib spy3

ib spy4

These cameras are just random ones that we stumbled upon. However, Shodan has been criticized for giving its users easy access to cameras that are sensitive in nature. Vocativ cites findings by Ars Technica:

These webcams show feeds from sensitive locations like schools, banks, marijuana plantations, labs and babies’ rooms. Shodan members who pay the $49 monthly fee can search the full feed at images.shodan.io. A Vocativ search of some of the most recently added images shows offices, school, porches and the interior of people’s homes. Accompanying each of these grabs is a pinned map that shows the location of the device capturing that footage.

If that doesn’t creep you out, then lets go back and take a look at the even-more-in-depth findings of the first study we mentioned by Pen Test Partners. Vass reports:

The device also has no Cross-Site Request Forgery (CSRF) protection, so attackers can trick users into clicking on links to carry out malicious actions; it has no lock-out, so attackers can guess as many passwords as they like; it sends communications without HTTPS that can be intercepted and tampered with; and there’s no firmware updates, so “you’re stuck with these issues,” Pen Test Partners said. But weirdest of all, the thing is capturing still images from video feeds and emailing them to an address that appears to be hosted in China.

As far as why surveillance images were being sent to China, that’s a mystery that Pen Test Partners was unable to get to the bottom of. We could speculate as to what’s going on here, but at the risk of letting our imaginations run wild and sounding like conspiracy nuts, we won’t. Instead of making wild speculations, we want to communicate that we’re here to help your company secure all of its Internet-connected devices from the prying eyes of everyone on the web.

Are you confident that all of your IOT devices are secure enough to keep hackers out of your network? Do you even know if you have IoT devices on your network transmitting data across the web? Or at the very least, are you sure that random Shodan users aren’t making a highlight reel from your surveillance camera footage? To get a grip on the security of every Internet-connected device on your company’s network, give Total Tech Care a call at 866-348-2602.

 

Comments 1

brenda williamson on Sunday, 08 July 2018 16:29

IoT devices are enhancing the level of security with surveillance camera in home and office.The amcrest 1080p reviews will let the users know about how to install the security camera and how to take the safety measures for the future.

IoT devices are enhancing the level of security with surveillance camera in home and office.The [url=https://homebuyingchecklist.co/reviews/amcrest-prohd-1080p-wifi-ip-security-camera-review/]amcrest 1080p reviews[/url] will let the users know about how to install the security camera and how to take the safety measures for the future.
Already Registered? Login Here
Guest
Wednesday, 25 December 2024
If you'd like to register, please fill in the username, password and name fields.

Blog Archive

Sign Up for Our Newsletter

  • First Name *
  • Last Name *

      Free Consultation

      Sign up today for a
      FREE Network Consultation

      How secure is your IT infrastructure?
      Let us evaluate it for free!

      Sign up Now!

      Free Consultation
       

      Tag Cloud

      Security Tip of the Week Technology Best Practices Business Computing Cloud Privacy Hackers Productivity Hosted Solutions Efficiency Software Google Business Network Security Microsoft Internet Email Malware Workplace Tips Backup Innovation User Tips Data Computer Mobile Devices Hardware IT Services Android VoIP Disaster Recovery communications Business Continuity Smartphones Communication IT Support Miscellaneous Smartphone Mobile Device Network Browser Small Business Productivity Collaboration Quick Tips Cybersecurity Business Management Users Managed IT Services Windows Upgrade Phishing Ransomware Data Backup Outsourced IT Windows 10 Office Server Save Money Data Recovery Cloud Computing Windows 10 Passwords Saving Money Holiday Gadgets Chrome Virtualization Tech Term Social Media Managed IT Services Microsoft Office Managed Service Automation Cybercrime Operating System Artificial Intelligence Facebook Computers BYOD Health Mobile Device Management Internet of Things Networking IT Support Wi-Fi Hacking Remote Spam Alert Managed Service Provider Office 365 Covid-19 Information Telephone Systems Information Technology Bandwidth BDR Social Engineering Mobility Recovery Employer-Employee Relationship Router Application Human Resources Data Breach Law Enforcement Remote Monitoring Big Data Password Money App History Encryption Applications Mobile Computing Government Remote Computing Private Cloud Mobile Office Managed IT Blockchain Paperless Office How To Apps Office Tips Training Data Storage VPN Patch Management Two-factor Authentication Avoiding Downtime Servers Mouse HaaS Data Security Bring Your Own Device Data Management Work/Life Balance Wireless Flexibility Infrastructure Voice over Internet Protocol Marketing Gmail WiFi Google Drive Vulnerability IT solutions Entertainment Settings Website Windows 7 Word Budget USB Data Protection Virtual Reality Apple Vendor Management Social User Error Save Time Meetings Vendor Managed Services Staff Software as a Service Display Telephone System Cleaning Machine Learning Risk Management Connectivity Remote Work Hacker Employee/Employer Relationship End of Support The Internet of Things RMM Education Physical Security Lithium-ion battery Safety Conferencing HIPAA Sports Redundancy Scam Firewall Keyboard IT Management Cryptocurrency Best Practice Botnet SaaS YouTube Procurement IT Consultant Black Market IT Plan Workplace Strategy Comparison Net Neutrality Network Congestion CES Help Desk Humor Unsupported Software eWaste Document Management Printing Wireless Technology Solid State Drive Charger How to Content Management Downtime Business Technology Access Control Compliance OneNote Computer Care Managed Services Provider Current Events Data storage Virtual Assistant Telephony Wearable Technology Automobile Authentication Database Hard Drives Retail Samsung Remote Workers Instant Messaging Robot Computing Infrastructure Excel Going Green Value Processor Biometrics Update Spam Blocking Virtual Desktop Electronic Medical Records Virus Hard Drive Battery Google Docs Unified Threat Management DDoS Hiring/Firing Identity Theft Shadow IT Computer Accessories Legal SharePoint Computing Internet Exlporer Augmented Reality Customer Service PDF Fraud Printer Bluetooth Environment Business Intelligence Digital Signage Remote Worker Audit Fax Server Worker Proactive IT Public Computer Recycling Saving Time Procedure IT service Video Games Regulations Wiring dark theme Worker Commute Practices Shopping Transportation Google Search Experience Computer Fan Cache AI Rootkit Amazon Web Services IT Infrastructure Tablet Criminal Bing Safe Mode FinTech Domains Scalability GDPR Business Owner Workers Hosted Computing Social Network Benefits IaaS FENG Wireless Internet Maintenance Online Shopping Investment NarrowBand Search IBM Employee/Employer Relationships Bloatware File Sharing Employees Flash Camera Windows 365 Inventory iPhone Smart Technology Specifications ISP Tablets Wire Video Conferencing Evernote ROI Supercomputer Bitcoin Entrepreneur Travel Shortcuts Software Tips Sales Sync Printers Point of Sale Emails Personal Files Millennials Cryptomining Consultant Chromecast Analytics Smart Office Supply Chain Management Shortcut Wireless Charging Batteries Cost Management Monitoring Virtual Private Network Windows 8.1 Netflix Digitize Social Networking Colocation Two Factor Authentication Workforce Best Available Uninterrupted Power Supply Root Cause Analysis Cables Windows Server 2008 R2 WIndows 7 Knowledge Monitor Music HBO Customer relationships Skype Project Management Email Best Practices Running Cable Nanotechnology IT Assessment Telecommuting Manufacturing Memory Data loss Cortana Leadership Digital Signature Managed IT Service Reputation Troubleshooting Security Cameras Streaming Media Outlook Computer Tips Start Menu Warranty Virtual CIO Content OneDrive Biometric Security Tech Support Laptop PowerPoint Windows Media Player Screen Mirroring HVAC Peripheral Techology Loyalty Google Apps User Analysis Using Data Customers Books Frequently Asked Questions Digital Security Cameras Mobile Administrator Audiobook Windows 10s Devices Copiers 5G Science Touchpad Cast Enterprise Content Management Quick Tip Managing Stress webinar Accountants Emergency Smartwatch Tip of the week MSP Ergonomics Professional Services Microchip Distributed Denial of Service Politics Public Cloud Thought Leadership Development Customer Relationship Management Advertising Employer Employee Relationship Credit Cards OLED Cameras Analyitcs Password Management PCI DSS Assessment Password Manager Virtual Machine Fiber Optics Programming Multi-Factor Security Employee Notifications Windows Server 2008 2FA Tools Search Engine Twitter Messaging Cabling NIST Policy Television Business Mangement Hypervisor Antivirus Smart Tech Trend Micro Relocation Trending Dark mode Printer Server Addiction SMS Amazon Default App Windows 8

      Top Blog

      The reasoning for this is simple: you want to make sure that operations are proceeding as intended, even if you’re not there. If you completely check out from the workplace every time you leave, you could return from your vacation to a complete and total disaster that may have been prevented with y...
      QR-Code