Get the FREE Security Camera Quick Guide to learn more about CCTV
Want to have a quick reference to security camera? Just click the button below...
In movies we see several people hacking security cameras as if it were something very simple. So I decided to write about it. If you want to know the secrets of those who hack security cameras and DVRs, keep reading
If you install security cameras and DVRs, be aware that you are at a high risk of being hacked by software that are automated to scan for vulnerabilities.
It's important to be aware of how an attack to your security camera works, so you can better protect the surveillance systems you install for your customers. Time to learn some secrets used by hacker.
That's right, in most cases technicians and installers feel safe because they change the IP camera or DVR's default password to another password that seems safer and will ensure that a hacker can't gent into the system. This may help a bit, but it does not solve the problem.
Even DVRs and IP cameras that had their passwords changed can be victims of attacks that allows the hacker to gain access to the device.
A security camera has an internal operating system, as well as other programs that may have vulnerabilities known to hackers that will exploit them to gain access to the system and bypass the user/password.
Nowadays it is very easy to own security cameras and DVRs at home because those device are being sold everywhere with smaller prices.
With this customer demand, many manufacturers have come up with new IP cameras and devices without care too much about the vulnerability details They simply sell a massive amount of DVRs and security cameras that are installed in homes and small businesses worldwide and are never updated.
Once these devices have left the factory and been installed on the customers facilities, they are ready to be hacked by hackers around the world. Just connect them to the Internet and they are at risk.
Again, remember that changing the password does not solve the problem when there is a known vulnerability in the device operating system.
Take a look at some forums on the Internet and you will find a lot of discussion about installing DVRs and security cameras everywhere. There are people who believe they are very smart and don't want to learn more.
It's common to read things such as "Those amateurs don't know what they're doing, I always change the default password for the security cameras I install to my clients, I'm good enough to never be hacked".
The same technician who thinks he knows everything about security, minutes later is advising another person to not worry about learning about security camera remote viewing configuration, because there are easy methods out there created by the device manufacturer. Things like P2P remove viewing software or DMZ configuration on the router.
Using a DMZ for instance brings a potential danger to the IP network, especially if you don't know exactly how this technology works.
This behavior of making things the easier way opens the door to hackers that understand the flaws of a bad configuration. So, if you are a security IP professional and really understand what a DMZ is and how to use properly, that's OK, go ahead and use it, otherwise don't take the risk.
Wow, that unbranded DVR is so cheap, isn't it? You can buy it easily at any store and everybody is doing that, so maybe you could do the same.
The problem is that once installed, some of those equipment never get updated and the security vulnerability stays there forever...
Well, this DVR is now an open door to hackers and you can not do anything about it because there is not even a phone number or a technical support team you can get in contact with to get a new firmware update.
The only thing you know about the DVR is that it has something written in the front part, so you can read the name: "H. 264 Network Recorder ".
Buying unbranded equipment is one of the big reasons for this insecurity problem, H.264 is not even a DVR brand, it's a CODEC to compress video. You can learn more in the articles: How CCTV codecs work.
If you have a security camera or DVR from a well-know manufacturer such as Samsung, Bosch, Pelco, Panasonic, Clinton Electronics or even Hikvision or Dahua, you can pick up a phone, call somebody and solve your problem.
With unbranded devices is hard to talk to someone from the technical support team, since most of them don't have such service and once you buy the equipment you are on your own.
How many times does your customer (or you as a customer) decide it's time to check if the IP camera or DVR needs a firmware update? This is very rare.
Once installed, DVRs or IP cameras will be stay forever without the updates that can solve the security flaws that are discovered by hackers around the world.
If you think that a hacker sits there in a chair focused on the task of get into your DVR trying all kind of password guessing all night long, your are completely wrong. After exploiting the security flaws, automated programs are created that search for systems with vulnerabilities all over the Internet.
A good example is the Mirai, a virus created to get into systems connected to the Internet to later use as a source of attack to sites that hackers wish to shutdown with a DDOS (Distributed Denial of Service) attack.
It's just like having an army ready for war, and your IP camera or DVR can be one of those "soldiers" that Mirai uses to start an attack.
You IP camera or DVR could be infected right now, don't you think ?
Once security camera vulnerabilities are discovered, hackers spread the word collaboratively, there are communities and forums where they exchange information and share details that make life easier for colleagues who want to hack into systems.
The documents are very well written with details of the flaws that have been found on DVRs and security cameras of various brands and models which are sold worldwide.
You may be wondering how it is possible for a hacker to discover the security flaws of all the equipment, after all there are thousands of brands of DVRs and security cameras on the market.
Will a hacker go out there buying DVRs from all different brands just to find out what are the vulnerability and how to get into the device?
In fact they do not even need it, because they can access the code used in the security camera or DVR by visiting the manufacturer's website and downloading the device firmware or by getting it from other hacker .
Once downloaded the firmware, he can open it and start working on checking the security flaws and of course, spread the news.
In the market there is a network of manufacturer, distributors and resellers who market the same equipment with different names, ie a chip made in China can be used in many DVRs around the world. or even the DVR is sold unbranded and the final distributor places his logo on the product.
When hackers discover the vulnerabilities on a specific security camera chip that is widely used by others the news are spreads to the world and a lot of attacks can be execute in a short period of time.
There is no product that is 100% safe, no matter what the manufacturer is.
Obviously the large manufacturers are more concerned to solve the security flaws, but the problems still exist even in their devices.
However, the fact that big brands are behind the products does not guarantee that they do not have security problems because there is a list of vulnerabilities even for giants like Samsung, Sony, Pelco, Axis, Cisco and Bosch, these manufacturers are always working to close the security breaches.
Unfortunately there are professionals who believe that when using such products it's not necessary to worry about security and end up relaxing in the procedures that must be adopted to reduce the risk of possible attacks.
There is no 100% protection, however you can take some steps to improve the security of your DVR or CCTV cameras.
Here is a list of what can be done to prevent intrusions:
1. Use well-known and supported brands
2. Change the default password of your DVR or IP security camera
3. Swap the standard DVR or IP camera access ports
4. Update firmware when the manufacturer releases new versions
5. Avoid using DMZ to have remote viewing to the device
6. Separate the access network from the DVR or IP camera network
7. Use additional network security features such as VPNs
8. Use encryption between DVR or camera and remote device
9. Protect your DVR or IP camera with firewalls
10. Learn more about network security
It is not so simple to ensure that a IP camera or DVR will be safe in a data network, this involves a deeper IT knowledge. Do not worry if you don't understand some of the terms used in this article,
The idea is that you can learn more and more about how to protect your DVR or security camera from the point of view of a professional in the area of computer networks, after all a hacker or programmer who develops viruses is exactly on that side, and even if they do not understand about security cameras, they certainly understand network security.
Be safe and click the buttons below to share this article
If you want to become a professional CCTV installer or designer, take a look at the material available in the blog. Just click the links below:
Please share this information with your friends...
Claudemir Martins is a former Samsung Engineer with 15+ experience in the surveillance industry. He has been traveling around 17 different countries to teach people how to design, and install CCTV systems.
CLICK THE LINK TO DOWNLOAD NOW
SECURITY CAMERA GUIDE