A range of smart cameras is vulnerable to hackers because they contain a range of security vulnerabilities. Hackers will be able to exploit these and might be able to use them for surveillance and exploits on the networks these cameras are linked to.
Cameras made by Hanwha Techwin might permit attackers to gain access to live feeds, video, and audio, as well as to the root system opening doors to the entire network connected to it.
The security flaws in the range made by the South Korean firm were identified at security company Kaspersky Lab. Kaspersky so far managed to identify more than 2000 cameras that could be accessed through public IP addresses on the open web. Some experts estimate this amount to be much higher if devices installed behind firewalls and routers were taken into consideration.
It seems that knowing the serial numbers of these cameras are a prerequisite before a camera can be penetrated this way, but experts say serial numbers can be easily ascertained by hackers using brute-force attacks, especially since the camera registering system is completely vulnerable to such attacks.
The vulnerabilities in the SNH-V640PN/PNW SmartCam is to a large extent based it’s cloud-based infrastructure. The camera cannot connect directly to any device but rather links to the router using an onboard wifi hotspot, while the users then connect to the camera using their own devices. What started off as a huge benefit to users, making of-site use of their camera seamless, has become the wide open door for hackers.
And there’s more. Due to weaknesses in the cloud server architecture, intruders can possibly exploit all cameras on the cloud, and even control them, according to Kaspersky. Experts blame this vulnerability in the cloud on the fact that its based on XMPP communications protocols. Attackers can register random accounts on the Jabber server. Since all the Hanwha cameras are hosted there, the hacker can intrude into every section of Jabber, penetrating every camera, and accessing every camera feed.
What’s even worse is hackers can disable the cameras. Since the update server is specified in the form of a URL address in the camera’s configuration, the vulnerable Hanwha cloud structure can enable hackers to spoof the specified DNS server addresses in the settings. And this is dangerous.
If modified software were distributed it can possibly switch the web interfaces of cameras, granting the attacker administrator rights as well as total control of the Linux system on the device.
And once the hacker controls the camera, he is a step away from the whole network. According to Kaspersky, this will enable the hacker to send notifications from the camera to the user, hence stealing the user’s credentials.
Since Hanwha was informed of the vulnerabilities of their system, they have not yet succeeded in patching all weaknesses. Hanwha promises that it will be all good, soon. They emphasize that they fully understand that customer security is the single most important priority in their business and stated that they have fixed most loopholes in the Remote Upload and Execution of arbitrary malware.
Updated firmware has already been released to all users, and they promise that all cloud vulnerabilities will be fixed soon. A drive to secure loT devices is driven by the UK government, the European Union, and the US government.