Many IP camera owners exposed their devices online. A quick search by Cybernews researchers uncovered thousands of connected digital “eyes” that were supposed to be private.
A poorly configured security camera is a vulnerability in itself, as it is an easy target for hackers. Tools exist that make hacking internet protocol (IP) cameras easy, and some owners even leave theirs accessible to everybody.
According to the Shodan search engine, at least 8,373 real-time streaming protocol (RTSP) cameras are exposed worldwide. Anyone could find even the latest saved screenshots of what the cameras see, said Cybernews researchers. Some cameras could even be found on Google, searching parts of default URLs commonly used by camera vendors.
Many cameras are left with default access passwords such as “admin”, as other Cybernews research has revealed.
RTSP is a communication system that transfers real-time data from a multimedia source to an endpoint device. While more secure alternatives exist, most modern IP cameras rely on this aging protocol, which offers neither encryption nor lockout mechanisms against password guessing.
“It means that if a bad actor found a camera and wanted to brute-force login credentials, he could use well-known software tools to do so without any interruption or lockout,” the Cybernews research team said.
Most of the exposed cameras were found in Taiwan, Vietnam, South Korea, Russia and Iran.
Previous research has revealed hundreds of thousands of easily accessible IP cameras worldwide.
Hackers have a powerful toolkit
Cybercriminals can exploit camera and network weaknesses, with open-source tools widely available.
A few commands allow one to scan networks for exposed cameras and access them, or brute force the credentials using dictionaries.
For a chosen IP address, a single command reveals whether an RTSP stream is available on the target.
“Most IP cameras use the RTSP to establish and control video and audio streams. RTSP acts as a rail track for transporting video data from point A, or camera, to point B, which could be VLC Player, RTSP viewers, RTSP Client, or other software,” Cybernews said.
If the camera is not adequately secured, users risk their privacy and security.
Risks and their significance
- Unauthorized Access: Poorly protected RTSP cameras can be accessed by anyone with the appropriate URL or software. This can lead to unauthorized viewing of live video feeds.
- Privacy Concerns: Exposed cameras could potentially capture sensitive or private information, leading to privacy violations if accessed by unauthorized individuals. The potential for unauthorized access to live video streams undermines people's trust in surveillance systems designed to enhance safety.
- Surveillance Risks: Access to RTSP streams from security cameras could be used for malicious purposes, such as tracking people's movements, monitoring routines, planning break-ins, or other criminal activities. This poses a tangible threat to personal safety, public spaces, and secure facilities.
- Network Vulnerabilities and Breaches: In some cases, exploiting an exposed camera could provide attackers with a foothold in the network, allowing them to potentially launch further attacks or gain access to other devices connected to the same network. A vulnerability in one device can have cascading effects on an entire network.
- Data Interception: Unencrypted RTSP streams can be intercepted by attackers, allowing them to capture the video data and potentially manipulate or alter the footage.
- Legal and Ethical Concerns: The unchecked exposure of RTSP camera feeds can lead to legal and ethical dilemmas. Individuals and organizations may unknowingly breach privacy regulations or moral standards, leading to legal liabilities and reputational damage.
- Public Safety Risks: Exposed RTSP cameras can compromise public safety initiatives by allowing unauthorized access to video feeds. This can lead to disruptions, unauthorized surveillance, and even tampering with security measures.
Use encryption with strong credentials
To ensure the security of the RTSP cameras, separation and encryption are the two strategies Cybernews researchers recommend, along with strong credentials.
First, it is a good rule of thumb to ensure all the cameras are connected to a separate protected subnet with end-to-end encryption, or WPA2 (Wi-Fi Protected Access 2), if the network is wireless.
- Use encryption mechanisms to secure the communication between the camera and the viewing client. A Virtual Private Network (VPN) for remote access is preferred.
- Ensure that RTSP cameras require solid and unique passwords for access. Using default or weak passwords is a common mistake that can easily lead to unauthorized access.
- Keep camera firmware up to date to address security vulnerabilities and improve overall system security.
- Implement access controls to limit who can view the camera feeds. This could involve using IP whitelisting or a VPN for remote access.
- Consider moving to protocols providing encryption, such as HTTPS.
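Because RTSP has no lockout of its own, repeated failed logins have to be caught from logs on whatever sits in front of the cameras. The sketch below is an added example, not Cybernews code; the log format, sample lines and function names are assumptions constructed for illustration. It counts 401 responses per client in a sliding window and tolerates the single 401 challenge a normal client receives before it authenticates.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample in a hypothetical access-log format (chronological):
# <ISO timestamp> <client IP> <RTSP method> <URL> <status code>
URL = "rtsp://cam1.example/stream"
SAMPLE_LOG = [
    # Normal client: one 401 challenge, then success with credentials.
    f"2024-01-10T12:00:00Z 192.0.2.10 DESCRIBE {URL} 401",
    f"2024-01-10T12:00:00Z 192.0.2.10 DESCRIBE {URL} 200",
    "not a log line",
] + [  # six failures in ten seconds from one source
    f"2024-01-10T12:01:{s:02d}Z 203.0.113.7 DESCRIBE {URL} 401"
    for s in range(0, 12, 2)
] + [  # five failures spaced two minutes apart
    f"2024-01-10T12:{m:02d}:00Z 198.51.100.4 DESCRIBE {URL} 401"
    for m in range(10, 20, 2)
]

def parse_line(line):
    """Return (timestamp, client_ip, status), or None if malformed."""
    parts = line.split()
    if len(parts) != 5 or not parts[4].isdigit():
        return None
    try:
        ts = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%SZ")
    except ValueError:
        return None
    return ts, parts[1], int(parts[4])

def find_guessing_sources(lines, threshold=5, window=timedelta(seconds=60)):
    """Map client IP -> peak count of 401s inside any one window,
    for clients whose peak reaches the threshold."""
    recent = defaultdict(deque)  # client IP -> timestamps of recent 401s
    peak = defaultdict(int)
    for line in lines:
        parsed = parse_line(line)
        if parsed is None or parsed[2] != 401:
            continue
        ts, ip, _ = parsed
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window:  # drop failures older than the window
            q.popleft()
        peak[ip] = max(peak[ip], len(q))
    return {ip: n for ip, n in peak.items() if n >= threshold}

if __name__ == "__main__":
    print(find_guessing_sources(SAMPLE_LOG))
```

The flagged addresses can then be passed to the firewall or VPN gateway that enforces the access controls listed above.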
“The significance of exposed RTSP cameras extends beyond technical vulnerabilities, touching on fundamental principles of privacy, security, ethics, and trust. Addressing this issue is essential not only for protecting digital assets but also for upholding the rights and values that underpin modern society,” researchers concluded.