
Closed circuit TV systems can create holes for hackers to exploit


March 15, 2016

Closed circuit TV systems are designed to protect businesses, property and people, but we learned today that some of them can easily create holes that hackers can exploit to tunnel their way into enterprise systems, where they can cause a lot of mischief.

Research carried out by independent consultant Andrew Tierney on behalf of Cloudview (a video surveillance company based in Hampshire, England) found major security vulnerabilities in traditional DVR-based CCTV systems and cloud-based video systems.

The security flaws inherent in almost all CCTV systems make it all too easy for intruders to hijack connections to and from the devices' IP addresses, putting enterprises' data at risk while leaving operators in breach of EU Data Protection regulations.

The research involved putting five routers, DVRs and IP cameras running their latest software on the open internet. One device was breached within minutes, and within 24 hours two were under the control of an unknown attacker.

Another device was left in an unstable state and completely inoperable. Security vulnerabilities in traditional DVR-based systems ranged from their use of port forwarding and dynamic DNS to a lack of firmware updates and the existence of manufacturer back doors.

Because surveillance digital video recorders have similar capabilities to a small web server, they can easily be used to launch an attack against host networks as part of a stepping-stone-style attack.

Many cloud video solutions also use port forwarding to allow access to RTSP (real time streaming protocol) video streams, making them as vulnerable as DVR-based systems.
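To check your own exposure to the port-forwarding issue described above, the following added example (not part of the original article or the Cloudview research) audits `iptables-save -t nat` output for DNAT rules that forward internet traffic to CCTV devices. It assumes a Linux-based edge router; the sample rules and the `CCTV_HOSTS` inventory are constructed for illustration.

```python
import shlex

# Constructed sample: `iptables-save -t nat` output from a hypothetical edge router.
SAMPLE_RULES = """\
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -i eth0 -p tcp -m tcp --dport 8080 -j DNAT --to-destination 192.168.1.50:80
-A PREROUTING -i eth0 -p tcp -m tcp --dport 554 -j DNAT --to-destination 192.168.1.51:554
-A PREROUTING -s 203.0.113.0/24 -i eth0 -p tcp -m tcp --dport 8443 -j DNAT --to-destination 192.168.1.50:443
-A PREROUTING -i eth0 -p tcp -m tcp --dport 2222 -j DNAT --to-destination 192.168.1.10:22
COMMIT
"""

# Assumed inventory of CCTV/DVR addresses; replace with your own asset list.
CCTV_HOSTS = {"192.168.1.50", "192.168.1.51"}
SERVICES = {23: "telnet", 80: "web interface (HTTP)",
            443: "web interface (HTTPS)", 554: "RTSP stream"}


def parse_options(line):
    """Map each iptables option to its value; negated options are stored as '!<opt>'."""
    tokens = shlex.split(line)
    opts = {}
    for i, tok in enumerate(tokens[:-1]):
        if tok.startswith("-"):
            negated = i > 0 and tokens[i - 1] == "!"
            opts[("!" if negated else "") + tok] = tokens[i + 1]
    return opts


def audit_port_forwards(rules_text, cctv_hosts=CCTV_HOSTS):
    """Return one finding per DNAT rule that forwards traffic to a CCTV host."""
    findings = []
    for line in rules_text.splitlines():
        if not line.startswith("-A") or "DNAT" not in line:
            continue
        opts = parse_options(line)
        host, _, port = opts.get("--to-destination", "").partition(":")
        if host not in cctv_hosts:
            continue
        source = opts.get("-s")  # absent means any internet address may connect
        findings.append({
            "external_port": opts.get("--dport"),
            "device": host,
            "service": SERVICES.get(int(port), "other") if port.isdigit() else "other",
            "source": source or "any",
            "severity": "high" if source in (None, "0.0.0.0/0") else "review",
        })
    return findings
```

Rules flagged `high` are reachable from any internet address; rules flagged `review` are limited to a source range but still expose the device beyond the local network.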

Common security issues include failure to use secure protocols effectively, a lack of encryption, poor cookie security and insecure user and credential management, among others.

"Any insecure embedded device connected to the internet is a potential target for attacks, but organizations don't seem to realize that this includes their CCTV system," Tierney concluded.

"It can easily provide a gateway to their entire network," he asserted.

James Wickes, cofounder and CEO of Cloudview, said: "Organizations can increase their security immediately by simply changing user names and passwords from the default to something secure, and they should follow the Information Commissioner's Office and Surveillance Camera Commissioner guidelines by encrypting all their CCTV data both in transit and when it is being stored. I'd also like to see the development of a 'Kitemark' to give users the assurance that their CCTV supplier had thought about security."

"This can then be used as a pivot and be used to attack the rest of your network," he warned.

Related research by Tierney on the security of commodity CCTV/DVR systems bought on Amazon was published by Pen Test Partners in February.

The MV Power DVR tested by Tierney had an unauthenticated root shell, along with other security issues, that made the equipment an enterprise security risk that needs to be addressed rapidly.

"Placing one of these CCTV systems on your network leaves you wide open to serious risk of attacks. If you port forward to the web interface, you are allowing attackers to take full control of the device," Tierney asserted.

"This can then be used as a pivot and be used to attack the rest of your network from the inside," he added.

Separately, Risk-Based Security found that Raysharp DVRs have hardcoded credentials for the web interface. Across all devices, the login root/519070 will work, and cannot be disabled.

A more subtle security vulnerability in the same Raysharp unit was also discovered by researchers at Metasploit firm Rapid7.

Source: The Cloudview Group.
