When the first decentralized IP security cameras hit the market in 1999, they offered a solution to visual security gaps. Many enterprises were unable to install new cameras due to limited space or access to telephone lines. Using cameras that connected via the internet allowed them flexibility in both location and storage. These cameras also provided better overall image quality and their popularity soon spiked.
However, through these internet-connected devices, new threats emerged. Criminals could gain access to surveillance cameras and make their feeds public or use them to help coordinate larger attacks. While there is an inherent risk of hacking in IP cameras, understanding how these devices become threats helps to establish plans for their safe, effective use.
Lessons Learned from IP Camera Hacks
IP cameras are targets of hackers for two reasons:
- Like other IoT devices, they can be used in cyber attacks. By turning the device into a “bot,” hackers overwrite the camera’s purpose and instead use it to send malicious code to support distributed denial-of-service (DDoS) attacks and other cyber crimes.
- IP camera data is highly desirable. Criminals could use live camera feeds to plan crimes, steal private information or just make nuisances of themselves.
For example, in 2014 a website called Insecam made the news as it was live streaming the data from thousands of cameras around the world. These unsecured streams occurred industry-wide, from small local churches and schools to international airports and major corporations. That website is still in existence today because technically, it didn’t do anything illegal. The site didn’t hack anything. It just put data that was freely available online. Most IP camera users featured on the site weren’t aware they were public as they let their password default or never set one. Fortunately, this wound up being a very easy fix. As a soon as the camera users established new passwords, their feeds could no longer be accessed by the site.
A far more sophisticated case of camera exploitation caused national security concerns in 2017. Hackers were able to compromise the servers of the Washington, D.C. police’s security camera network. This caused 123 of the department’s 187 surveillance cameras to go offline. As it occurred only a week before President Trump’s inauguration, it was suspected to be a potential terrorist attack. It was later discovered to be ransomware, and the perpetrators were caught and arrested, but only after the district had to spend days shutting down and correcting the network.
Both these cases show how dangerous inexperienced installation of IP cameras can be. An enterprise may start using IP cameras without understanding the security steps needed for privacy. Even police camera networks can be taken by surprise when not properly installed. Asking security experts and establishing some basic best practices can help reduce the risk by enabling additional, automatic security protections.
Addressing IP Camera Security Vulnerabilities with Best Practices
Most security providers will tell you a local network, as opposed to an internet-based public one, is the most secure from hacking. But the potential for a breach is still there if the camera’s IP address is discoverable by outside parties. Often, this visibility is a mistake in installation and can happen if the installer either doesn’t know or doesn’t follow the proper protocols for protecting the camera’s IP address. By creating a standard installation process, where specific steps are followed every time in setting a secure IP address, you can eliminate one of the most common causes of breach by making your camera non-discoverable to hackers.
It’s important to establish network protocols that allow for firmware over-the-air (FOTA) updates or patches, which are frequent and necessary. As soon as one flaw is patched by camera manufacturers, hackers create another. Because of this, all cameras will need regular access to new firmware, which can be extremely time consuming and disruptive if there are thousands of devices all connected to one network. If an enterprise’s security system doesn’t maintain an up-to-date camera inventory, it’s almost a guarantee their devices have outdated, exploitable software flaws. Resolving this issue requires completing a full system inventory to see which cameras are online and may need updating. Once the inventory is complete, FOTA can be enabled on all devices for timely updates going forward.
It’s also possible to mitigate damages if malicious programming makes it onto a device by establishing a secure boot process. In this, the hardware of a device validates the software and only boots up if the OS is recognized and tamper-free. Secure boots quarantine malicious programming to the compromised device and keep it from transmitting data. But if someone doesn’t know about secure booting, they’re not going to know to enable it when they install a camera.
Breaking it down to three basic steps, you want to:
- Establish non-routable, static IP addresses to keep devices from being discovered by outsiders.
- Enable secure boots and FOTA updates to automate basic security processes like installing security updates and quarantining malicious programming.
- Monitor the entire system for issues, especially for cameras that go offline. This is often the first warning of an attempted hack.
Keeping up with IP security camera vulnerabilities is challenging but worth it. These devices allow enterprises to scale their surveillance, monitor remote locations and access needed data easily. Working with someone well-versed in both the hardware and software needs of these systems ensures businesses can benefit from the IP camera’s strengths while avoiding its drawbacks.