Hack of 175,000 Cameras
In 2017, a report revealed that around 175,000 IoT cameras—which were used for security—
were prone to cyber risks. The report indicated that the Shenzhen Neo Electronics, a Chinese
company, was the manufacturer of these cameras. These cameras were used in dierent security
and surveillance products in order to enhance the security of their customers. Cybersecurity
analysts identified dierent buer overflow security openings in the two types of the company’s
cameras—the NIP-22 and iDoorBell models.
However, experts were equally suspicious of other commercial cameras from the com-
pany—this is because they use identical firmware. They explained that if these loopholes
are exploited then they can lead to remote manipulation and execution of the code from the
device.
It was also found out that UPnP technology was used by the cameras. This allowed for
internet access to the router’s firewalls by automatic port configuration. After some search,
they found out that there are at least 100,000 of devices, spread around globally which can
be hacked easily. They unveiled that in their search analysis, they mainly looked for RTSP and
HTTP connections. After further research, they predicted that the original figure of vulnerable
devices may exceed 175,000 IoT cameras.
According to the researchers, there are two types of cyber threats which can infect the
cameras’ web server while the RSTP is also prone to exploitation. In order to prove their claims,
they carried out a demonstration which revealed how easy it was to hack the cameras by anyone
who can use the default credentials.
IP Cameras
An IP (internet protocol) camera is one which is used for the transfer of image data. This camera
is one of the most used cameras in the IoT space but lately, it has become one of the biggest tar-
gets of cybercriminals in the IoT ecosystem. Cybersecurity analysts attribute this to two reasons:
their high internet trac throughput and powerful processing capabilities. Even in the Mirai
cyberattack, when DDoS and botnet were used for infection, the IP cameras were among the
hijacked devices.
The attack became a catalyst for new infections as multiple Mirai-like malware have
appeared and attempted to hack into IP cameras. IP surveillance cameras are targeted because
of their monetization opportunities and the following reasons.
It is absolutely necessary for an IP camera to be connected to internet 24/7. This
continuous internet exposure means that they are always in the view of the
cybercriminals who can hack into them.
When hacking PCs, cybercriminals have to use dierent strategies for dierent PCs.
Thus, the cost and resources required for hacking are higher. On the other hand, in the
case of IP cameras, if a single vulnerability is discovered in a single model then it is easy
to infect hundreds and thousands of devices of the same model without changing the
hacking technique. Hence, the resources and cost are significantly lower in this case.
IP cameras are more powerful and robust than other types of cameras. Hence, once they
are compromised by hackers, it is not too hard to use them for cryptocurrency mining
and similar compute-intensive tasks.
Chapter 11 Security Challenges for IoT 293
Internet_of_Things_CH11_pp271-308.indd 293 9/3/2019 10:16:20 AM
..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.
Reset
18.224.44.108