How Hackers Attack Cameras
With the further popularity of network video surveillance cameras, especially in the current trend of the Internet of Things era, surveillance solutions connect with more and more devices. Although it brings great convenience, it also brings many new problems, such as network security, which is the most important one. In the past few years, there has been a lot of news about video cameras being attacked by the network. Video surveillance is as vulnerable as other devices in the face of network security challenges. How to strengthen network security still needs to start with its common attacked ways:
1. In many cases, the attacker usually scans the protocol and port of the camera, then browses and accesses the page managed by the device. If it fails, he will choose a more complex way to scan to find the camera and imitate the authorized user. It is worth noting that attackers can attack cameras without software vulnerabilities. Many design flaws of cameras or other connected devices can become hackers'entry points once they have security vulnerabilities. From this point, we can see that if a certain security protection mechanism is built at the beginning of the design of the camera product, it is not easy to exploit these vulnerabilities even if the camera is found to have vulnerabilities in the follow-up. At the same time, the device vendors will promptly push information, like other network devices, to upgrade the security level by upgrading.
2. Another common way is that attackers exploit software vulnerabilities known by cameras in open source or third-party libraries. For example, network servers are relatively vulnerable components. Usually, news about hackers using vulnerabilities of third-party network servers to access cameras can be seen.
3. Attackers use Command Injection attacks, which means that because Web applications do not filter data submitted by users strictly, hackers can submit data to Web applications by constructing special command strings, and use this way to execute external programs or system commands to attack, illegally obtain data or network funds. Source, etc. In other words, as long as developers filter data well and make good use of whitelists, they can avoid such attacks.
To sum up the above attack methods, users should:
One is to modify the initial password, and at the same time it is worth noticing that besides the initial password, the other is to pay attention to the vendor's push information in time and do a good job of equipment security upgrade.
Translated from: http://security.asmag.com.cn/test/201903/70547.html.
