Most CCTV systems are easily accessible to attackers
Posted on 17 May 2012.
The use of CCTV cameras for physical surveillance of all kinds of environments has become so pervasive that most of us don't give the devices a second thought anymore.


But the individuals and organizations that actually use and control them should be aware that most of them come with default settings that make them vulnerable to outside attacks.

According to Gotham Digital Science researcher Justin Cacak, standalone CCTV video surveillance systems by MicroDigital, HIVISION, CTRing, and many other rebranded devices are not only shipped with remote access enabled by default, but also with preconfigured default accounts and passwords that are banal and easy to guess.

"Many owners of CCTV video surveillance systems may not even be fully aware of the device’s remote access capabilities as monitoring may be conducted exclusively via the local video console," he pointed out in a blog post.

Add to this the fact that these same owners often fail to change the default password for the admin account, or change it to one equally easy to guess, and you have a recipe for disaster.

"Interacting with the standalone CCTV system can be achieved via a Win32 thick client, a mobile device, or an IE ActiveX control in which a user name and password are required," he explains. "Typically, in over 70% of cases the device is still configured with the default vendor password which allows trivial access to real time video, the ability to control PTZ (pan-tilt-zoom) cameras, and access to any archived footage."

Cacak says that video surveillance devices are often overlooked during security audits and vulnerability/penetration tests, but this is likely to change, as the company's researchers have collaborated with Rapid7 developers and have created a new Metasploit module that tests the most popular CCTV systems - including the aforementioned ones.

He also gave good advice to CCTV deployers: change the default vendor passwords to strong ones, filter access to only trusted hosts, and disable the system's remote access if it's not needed.





