Other issues in this category (26)
A hacking or an open door?
Thursday, February 4, 2021
Modern technologies are designed to make people's lives easier and safer. For example, security cameras can effectively monitor the situation on streets and in staircases, apartments and offices. But what will happen if cybercriminals get access to them?
Moreover, constantly developing facial recognition technologies are offering cybercriminals even more opportunities to engage in malicious activities: for example, they can exploit them to organise total surveillance on specific people. Using these technologies, it's easy to build a route of their movements, find out which locations they frequent, their daily routine, their preferences and the passwords they use. As a result, attackers will acquire a "schematic" of people's lives and access to the services they use. After gaining access to security cameras, cybercriminals can find out shift schedules, passwords, and the habits of individual security guards—and these are already serious security flaws.
All these factors create conditions for blackmail (because at night the staff can be doing more than just monitoring their cameras) or a direct penetration.
We won't have to look very far for examples. Here is a recent case that happened in Moscow: as was reported, cybercriminals hacked 15,000 security cameras, which could have serious consequences. Another case. Cybercriminals received access to more than 50,000 home cameras belonging to ordinary people in Thailand, South Korea, Singapore and Canada. The stolen videos were then posted on the Internet. Anyone can be affected by similar situations, including teenagers: one’s private life can be destroyed in the blink of an eye, and the consequences of the psychological trauma caused by such events are difficult to predict.
But was it really a hacking? Modern digital cameras can connect to servers over the Internet without proper protection (e.g., without using secure channels) and at the same time have an IP address that is visible on the Internet. As a result, these cameras are visible even in specialised search engines, not to mention the fact that they can be detected by network scanning utilities. Anyone can find tens, or hundreds, or even thousands of cameras in such search engines. Sometimes these cameras can be connected to even without authorisation. And if an access password has been set, it could happen that security updates aren’t being downloaded. Can you regard a situation where your apartment is visible from the street through an open door as a break-in?
#hacking #extortion #privacy #facial_recognition #surveillance #vulnerability
The Anti-virus Times recommends
Many people make the mistake of believing that no one is interested in them. This is far from certain. Even if cybercriminals using a hacked camera don't find material to blackmail you with, who would be happy to realise that someone is watching them? Forget targeted attacks against specific people; you can simply end up in a mass selection made using the services we mentioned above. After that, the criminals will decide what to do with the secrets they’ve acquired. For example, offers to sell access to hacked cameras are posted on the Darknet.
- If you've purchased a security camera, be sure to read its instructions. Immediately after buying it, install all available updates to eliminate potential security breaches. And regularly install security updates.
- Before buying a security camera, make sure that the option exists to change its factory password. Change this password (and the login, if possible) to a unique one to make it more difficult for hackers to carry out attacks.
- Close interfaces you do not use (for this, use the product documentation). For example, if you configure your device only from an internal network local computer and not via the Internet, restrict external access.
We also want to remind you that both manufacturers and users can contact Doctor Web to have their devices analysed to see if malware is present.
Tell us what you think
To leave a comment, you need to log in under your Doctor Web site account. If you don't have an account yet, you can create one.
A very expensive Chinese CCTV camera that has a backdoor password also sells the same product without a name a non-named product at a fraction of the price without it software but with the backdoor password. So-called old technology HD-SDI DVR camera systems, are far superior to so-called modern home security systems that are cheap nasty CCTV analogue cameras.
HD-SDI DVR is digital not analogue. Digital uncompressed crystal clear image just like watching your modern flat screen television. And for some reason PR analogue systems are being sold as new technology. Analogue technology is almost definitely older than you and me.. HD-SDI digital is almost definitely younger then you or me but HD-SDI digital is classed as old technology.
Cheap and nasty analogue is cheap to make cheap to mass-produce and thus is the reason it is classed as modern technology compared to the superior digital HD-SDI.
You can sell a dead dog as a guard dog to a dumb person but is it moral to do so.
Moral is from the Latin "moralis" so therefore may be obsolete for the modern world and definitely obsolete to Silicon Valley and its equivalent in China.
I know in Turkey you can sell at an inflated price virgin donkeys, but how do they know it is a virgin?
P.S. i am not judging virgins donkeys or the Turkish.
Thank you for your helpful recommendations!
Total propaganda ("HAVE YOU LEARNED IB ?!"), training (as or together with OBZH, starting from kindergarten), mass (spam?) Mailings, etc., etc. ... on information security issues.
But how to introduce these fairly simple truths to the masses - this is B-O-O-O-LESHOY! a question that has not yet been answered :(