Why hack a camera

blue66

n3wb
Genuine question ... why do people bother trying to hack into CCTV? Is it just because they can? So they get to see a boring video feed of my driveway. I don’t really get it.


Sent from my iPhone using Tapatalk
 

SouthernYankee

IPCT Contributor
Once into your camera they are on your network. Just like hacking into your home PC. That is why cameras should not access the internet or be accessed from the Internet. My cameras are on a different subnet than my home network. The only connection to the home network and the internet is through the BI PC. The BI acts as the time server for the cameras. Absolutely no access to the internet.

How to Secure Your Network (Don't Get Hacked!) | IP Cam Talk
 

c hris527

Known around here
I would say the majority who can and do are doing it for fun or just because they can; however, on the other side of the coin, if they can get your camera, they can parlay to other network devices and possibly take down or take over your network. If they can get the cam, they could upload customized firmware and be spying on you and your network, or use the camera for DoS attacks like we have already seen in past attacks from IoT devices. Take this seriously if you have IP cams connected to the Internet or on a network that has internet access.
 

Mike A.

Known around here
In most cases they have no interest in you. Cameras are desirable targets since they have a good functional OS and networking capabilities which makes them useful for bot networks, etc. And there are tons out there using default settings, weak passwords, old firmware with known vulnerabilities...
 

mat200

IPCT Contributor
> Genuine question ... why do people bother trying to hack into CCTV? Is it just because they can? So they get to see a boring video feed of my driveway. I don’t really get it.
>
> Sent from my iPhone using Tapatalk

Hi @blue66

"why do people bother trying to hack into CCTV?"

OK, let me expand on the question.

When you state CCTV I believe you're referring to an internet connected IP camera, so:

"why do people bother trying to hack into an internet connected IP camera?"

OK now, an IP camera = a computer that can be used to make money stealing bitcoin, extorting money by spreading ransomware, etc.

Thus the question is now:
"why do people bother trying to hack into an internet connected computer that can be used to make money stealing bitcoin, extorting money by spreading ransomware, etc.?"
 

TL1096r

IPCT Contributor
> Once into your camera they are on your network. Just like hacking into your home PC. That is why cameras should not access the internet or be accessed from the Internet. My cameras are on a different subnet than my home network. The only connection to the home network and the internet is through the BI PC. The BI acts as the time server for the cameras. Absolutely no access to the internet.
>
> How to Secure Your Network (Don't Get Hacked!) | IP Cam Talk

Yes, great idea.

I made a write-up for others:
Dual NIC setup on your Blue Iris Machine

This is the setup I have now; it is nice having a bit of extra protection.

From articles, people hack IP cams due to security flaws that lead them into other parts of your network, use them for DDoS attacks, or maybe even spy.
 

streamnvr

n3wb
What most people overlook is the insecurity of authentication. This is when applications like Blue Iris, etc. connect to the camera over RTSP or RTMP and the authentication credentials are sent in plain text over the network. Keeping your camera(s) on their own subnet is a good practice but will not prevent eavesdroppers that have access to neighboring networks. I would highly recommend setting up an access control list (ACL) at either the camera or switch and/or firewall level wherever that may be. Hope this sheds some light on things!
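
Added example, not part of the post above or of any reply in this thread: a small Python audit helper that shows what "plain text" means for RTSP logins. It reads the `WWW-Authenticate` headers of a camera's 401 reply to see which schemes are offered, and reports whether a client request carries the password readably (Basic) or only a nonce-based hash (Digest). The sample messages, address and credentials are constructed.

```python
import base64
import re

def parse_headers(message):
    """Return the headers of one RTSP message as (lowercased name, value) pairs."""
    head = message.split("\r\n\r\n", 1)[0]
    pairs = []
    for line in head.split("\r\n")[1:]:  # first line is the request/status line
        name, sep, value = line.partition(":")
        if sep:
            pairs.append((name.strip().lower(), value.strip()))
    return pairs

def offered_schemes(response):
    """Auth schemes a camera offers in the WWW-Authenticate headers of its 401 reply."""
    return sorted({v.split(None, 1)[0].lower()
                   for n, v in parse_headers(response) if n == "www-authenticate" and v})

def audit_request(request):
    """Report a client request's auth scheme and whether the password is readable on the wire."""
    for name, value in parse_headers(request):
        if name != "authorization":
            continue
        scheme, _, param = value.partition(" ")
        scheme = scheme.lower()
        if scheme == "basic":
            try:  # Basic is only base64("user:password"), an encoding, not encryption
                decoded = base64.b64decode(param.strip(), validate=True).decode("utf-8", "replace")
            except ValueError:
                decoded = ""
            # The password half is deliberately not returned, only the user name.
            return {"scheme": scheme, "user": decoded.partition(":")[0], "cleartext_password": True}
        # For Digest, the client sends a hash built from the password and a server nonce.
        m = re.search(r'username="([^"]*)"', param)
        return {"scheme": scheme, "user": m.group(1) if m else "", "cleartext_password": False}
    return {"scheme": "none", "user": "", "cleartext_password": False}

# Constructed sample messages (documentation address 192.0.2.10, made-up credentials).
BASIC_REQ = ("DESCRIBE rtsp://192.0.2.10:554/stream1 RTSP/1.0\r\nCSeq: 2\r\n"
             "Authorization: Basic " + base64.b64encode(b"viewer:example-pass").decode() + "\r\n\r\n")
DIGEST_REQ = ('DESCRIBE rtsp://192.0.2.10:554/stream1 RTSP/1.0\r\nCSeq: 3\r\n'
              'Authorization: Digest username="viewer", realm="cam", nonce="5f1c", '
              'uri="rtsp://192.0.2.10:554/stream1", response="0f3a9c"\r\n\r\n')
CHALLENGE = ('RTSP/1.0 401 Unauthorized\r\nCSeq: 1\r\n'
             'WWW-Authenticate: Digest realm="cam", nonce="5f1c"\r\n'
             'WWW-Authenticate: Basic realm="cam"\r\n\r\n')

if __name__ == "__main__":
    print(offered_schemes(CHALLENGE))
    print(audit_request(BASIC_REQ))
    print(audit_request(DIGEST_REQ))
```

A camera that still lists `basic` among its offered schemes will accept the readable form from any client configured to send it.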
 

fenderman

Staff member
> What most people overlook is the insecurity of authentication. This is when applications like Blue Iris, etc. connect to the camera over RTSP or RTMP and the authentication credentials are sent in plain text over the network. Keeping your camera(s) on their own subnet is a good practice but will not prevent eavesdroppers that have access to neighboring networks. I would highly recommend setting up an access control list (ACL) at either the camera or switch and/or firewall level wherever that may be. Hope this sheds some light on things!

There is zero security risk with plain text authentication sent over your own network. If someone has access to your network to read it you are already hosed. Someone having access to a neighboring network is irrelevant.
 

area651

Getting comfortable
> Genuine question ... why do people bother trying to hack into CCTV? Is it just because they can? So they get to see a boring video feed of my driveway. I don’t really get it.
>
> Sent from my iPhone using Tapatalk

First I want to point out a common misconception. Someone hacking into your system is likely NOT some kid, a Chinese army or mafia group, all wearing hoodies and sunglasses in a dark warehouse somewhere. They're likely computer professionals who band together to do other things on the side to make money. Very educated, very clean, upstanding to most people. The hacking of the camera isn't necessarily to see what you're doing but it can give a group "another ant in the army" that they can command to attack a website with hundreds of thousands of false requests, essentially crashing someone else (a city, a competitor company, someone they're extorting money from). These cameras are fraught with low security and maintenance. If you want a drone that you can add to your army to sic onto something, the IoT (Internet of Things) devices are great, mindless, unsecure bots to use.

They're also not really going camera to camera to do it. It's all scripted. The scripts will scan the internet, find things to peck at, auto launch scripts to try all known vulnerabilities, record the result of pass/fail/what is seen, and then compile a list. Sometimes the next step might have also been automated as well, where if a vulnerability is found, then it will auto scan the surroundings on the network, see what's there and continue looking and gathering. A goldmine is when a computer is compromised and bitcoin are found. It's much easier to grab than just a bank access where you then have to go into Citibank to get. Also easier not to be tracked (as easily).
 

streamnvr

n3wb
> There is zero security risk with plain text authentication sent over your own network. If someone has access to your network to read it you are already hosed. Someone having access to a neighboring network is irrelevant.

I should have approached this differently... where I was going is that in situations where people are port forwarding, this would be highly relevant.
 

Matt-One

Young grasshopper
Must they first hack your router to hack your camera? Or do they just scan the open ports on your IP and then go through an exploit?
 

StewartM

Getting the hang of it
"Genuine question ... why do people bother trying to hack into CCTV?"
There are certainly those who will do it for kicks, but as others have pointed out access to the cameras may not be the goal, but part of the attack vector to access your network. Poorly secured WiFi routers and WiFi cameras are surprisingly easy to compromise. Commonly used or low complexity passwords, even with WPA2-PSK, can take minutes to crack with the right know-how. I cringe at how often people use easy-to-remember passwords for their home WiFi routers.
 