So the video is for an older generation. The 5442 has the reset button next to the SD slot. I opened up one cam, kept looking inside of it and then my wife noticed that on the little plate covering the SD slot it says Reset. First I felt like an idiot and then I remembered that I was on a ladder being chewed up by mosquitos resetting my cameras because of her
Obviously you want to want to block them off from the internet but what are the common exploits?
Any port forwards, UPnP, QR code scan type ease of use opens up your system to being hacked due to security vulnerabilities in security cameras (ironic I know). Last thing you need is some hacker get into your system, not to look at your cameras, but to employ a DoS attack originating from your IP address...or worse gaining access to your banking and other sensitive stuff....
Or sometimes it is just to peep at you...
I have a friend that falls under this "I just want to plug it in and scan a code and it works and is cheap" mindset. Many years ago she bought a Foscam wifi camera to monitor her front door. She plugged it in and pointed it out a 2nd story window and downloaded the Foscam app and scanned the QR code and magically she could see her camera.
A few years later she bought a wifi printer and again, simply dowloaded the app from the manufacturer and scanned the QR code and she could start printing.
One time in the middle of the night, she hears her printer printing a page. She thinks maybe she is dreaming or hearing things, so she thinks nothing of it and goes back to sleep. Next morning she gets up and the printed page says I SEE YOU and a picture of her from her Foscam was below it.
She changes her wifi password in case it was the peeping perv next door that she has caught looking at her from through her window and he guessed her password, which was password because she liked thing simple.
Problem still persists. She goes into Foscam app and changes the password to the camera. Problem still persists. She gets a new router. Problem still persists. She gets rid of camera and printer.
At some point Foscam issues a security vulnerability and issued a firmware update. Based on chatter on forums, basically the vulnerability was something like when logging into the camera with a web browser over HTTPS, the initial login to the site is done using SSL. But then it establishes a connection to the HTTPS port again (for the media service) and sends all of its commands unencrypted. This means the username and passwords are being sent unencrypted. While this was a security vulnerability found in Foscam, I suspect it is in others as well. I suspect this is how my friend was hacked and someone was sending pictures of her taken from her Foscam camera to her wifi printer that she set up using the QR code.
An older article, but I bet most of these still have the vulnerability as most do not push out firmware to fix holes in security:
New IoT Botnet Rises Feeding on Vulnerable Security Cameras
A new botnet is slowly building critical mass on the back of unsecured webcams and IP cameras, currently mass-scanning the Internet for vulnerable devices.
www.bleepingcomputer.com
