Why hack a camera

B

blue66

n3wb
Apr 27, 2019
26
5
Victoria, Australia
Genuine question ... why do people bother trying to hack into CCTV? Is it just because they can? So they get to see a boring video feed of my driveway. I don’t really get it.


Sent from my iPhone using Tapatalk
 
Once into your camera they are on your network. Just like hacking into you home PC. That is why cameras should not access the internet or be accessed from the Internet. My cameras are on a different sub net then my home network. The only connection to the home network and the internet is through the BI PC. The BI acts as the Time server for the cameras. Absolutely no access to the internet.

How to Secure Your Network (Don't Get Hacked!) | IP Cam Talk
 
  • Like
Reactions: jd415, TL1096r and c hris527
I would say the majority who can and do are doing it for fun or just because they can, however on the other side of the coin, if they can get your camera, they can parlay to other network devices and possibly take down or take over your network, if they can get the cam, they could upload customized firmware and be spying on you and your network or use the camera for DOS attacks like we have already seen from past attacks from IOT devices. Take this seriously if you have IP cams connected to the Internet or on a network that has internet access.
 
  • Like
Reactions: looney2ns, blue66, Q™ and 1 other person
In most cases they have no interest in you. Cameras are desirable targets since they have a good functional OS and networking capabilities which makes them useful for bot networks, etc. And there are tons out there using default settings, weak passwords, old firmware with known vulnerabilities...
 
  • Like
Reactions: Walrus, bp2008, looney2ns and 3 others
blue66 said:
Genuine question ... why do people bother trying to hack into CCTV? Is it just because they can? So they get to see a boring video feed of my driveway. I don’t really get it.


Sent from my iPhone using Tapatalk
Click to expand...

Hi @blue66

"why do people bother trying to hack into CCTV?"

Ok, Let me expand on the question.

When you state CCTV I believe you're referring to an internet connected IP camera, so:

"why do people bother trying to hack into an internet connected IP camera?"

OK now, an IP camera = a computer that can be used to make money stealing bitcon, extorting money by spreading randsomware, etc..

thus the question is now:
"why do people bother trying to hack into an internet connected computer that can be used to make money stealing bitcon, extorting money by spreading randsomware, etc..?"
 
  • Like
Reactions: Walrus, SouthernYankee, looney2ns and 2 others
SouthernYankee said:
Once into your camera they are on your network. Just like hacking into you home PC. That is why cameras should not access the internet or be accessed from the Internet. My cameras are on a different sub net then my home network. The only connection to the home network and the internet is through the BI PC. The BI acts as the Time server for the cameras. Absolutely no access to the internet.

How to Secure Your Network (Don't Get Hacked!) | IP Cam Talk
Click to expand...

Yes great idea.

I made a write-up for others:
Dual NIC setup on your Blue Iris Machine

This is the setup I have now it is nice having a bit of extra protection.

From articles people hack IP cams due to security flaws that leads them into other parts of your network, use them as DDoS attacks or maybe even spy.
 
  • Like
Reactions: LT20 and blue66
Thanks! My cameras are secure - now I know why its important to secure them!
 
  • Like
Reactions: looney2ns and SouthernYankee
What most people overlook is the insecurity of authentication. This is when applications like Blue Iris, etc.. connect to the camera over RTSP or RTMP and the authentication credentials are sent in plain text over the network. Keeping your camera(s) on their own subnet is a good practice but will not prevent eavesdroppers that have access to neighboring networks. I would highly recommend setting up an access control list (ACL) at either the camera or switch and/or firewall level wherever that may be. Hope this sheds some light on things!
 
streamnvr said:
What most people overlook is the insecurity of authentication. This is when applications like Blue Iris, etc.. connect to the camera over RTSP or RTMP and the authentication credentials are sent in plain text over the network. Keeping your camera(s) on their own subnet is a good practice but will not prevent eavesdroppers that have access to neighboring networks. I would highly recommend setting up an access control list (ACL) at either the camera or switch and/or firewall level wherever that may be. Hope this sheds some light on things!
Click to expand...
There is zero security risk with plain text authentication sent over your own network. If someone has access to your network to read it you are already hosed. Someone having access to a neighboring network is irrelevant.
 
  • Like
Reactions: TL1096r
blue66 said:
Genuine question ... why do people bother trying to hack into CCTV? Is it just because they can? So they get to see a boring video feed of my driveway. I don’t really get it.


Sent from my iPhone using Tapatalk
Click to expand...
First I want to point out a common misconception. Someone hacking into your system is likely NOT some kid, a Chinese army or mafia group, all wearing hoodies and sunglasses in a dark warehouse somewhere. They're likely computer professionals who band together to do other things on the side to make money. Very educated, very clean, upstanding to most people. The hacking of the camera isn't necessarily to see what you're doing but it can give a group "another ant in the army" that they can command to attack a website with hundreds of thousands of false requests, essentially crashing someone else (a city, a competitor company, someone they're extorting money from). these cameras are fraught with low security and maintenance. If you want a drone that you can add to your army to sic onto something, the IOT (Internet of Things) devices are great, mindless, unsecure bots to use.

They're also not really going camera to camera to do it. It's all scripted. The scripts will scan the internet, find things to peck at, auto launch scripts to try all known vulnerabilities, record the result of pass/fail/what is seen, and then compile a list. Sometimes the next step might have also been automated as well where if vulnerability found, then it will auto scan the surroundings on the network, see whats there and continue looking and gathering. A goldmine is when a computer is compromised and bitcoin are found. It's much easier to grab than just a bank access where you then have to go into Citibank to get. Also easier not to be tracked (as easily).
 
  • Like
Reactions: windguy, JNDATHP and SouthernYankee
fenderman said:
There is zero security risk with plain text authentication sent over your own network. If someone has access to your network to read it you are already hosed. Someone having access to a neighboring network is irrelevant.
Click to expand...

I should have approached this differently.. where I was going that in situations where people are port forwarding this would be highly relevant.
 
1057D885-AACB-466C-BFCA-754C0DD8E82C.gif

 
  • Like
Reactions: TL1096r
They must hack first your router to hack your camera? Or they just scan your open ports on your ip and then going through an exploit?
 
"Genuine question ... why do people bother trying to hack into CCTV?"
There are certainly those who will do it for kicks, but as others have pointed out access to the cameras may not be the goal, but part of the attack vector to access your network. Poorly secured WiFi routers and WiFi cameras are surprisingly easy to compromise. Commonly used or low complexity passwords, even with WPA2-PSK, can take minutes to crack with the right know-how. I cringe at how often people use easy-to-remember passwords for their home WiFi routers.
 
You must log in or register to reply here.
Top Bottom