ADVERTISEMENT

RATs can sniff out your Chinese-made web cameras: here’s how to defend yourself

Malicious campaigns are attacking Chinese-branded IoT devices – web cameras and DVRs – to crack authentication. Unfortunately, vendors are seemingly not in a rush to patch the targeted vulnerabilities.

HiatusRAT Chinese web cameras

Image by Cybernews

Paulina Okunytė
Paulina Okunytė Senior Journalist
Dec 17, 2024 Updated: 17 December 2024 2 min read
Paulius Grinkevičius B&W Gintaras Radauskas vilius Jurgita Lapienyte
Don’t miss our latest stories on Google News
Add us as your Preferred Source on Google.
ADVERTISEMENT

What if you own a Hikvision or Xiongmai device?

  • Review or establish security policies, user agreements, and patch management plans to mitigate threats posed by these and other malicious cyber actors.
  • Promptly patch and update operating systems, software, and firmware as soon as the manufacturer releases updates. Consider removing devices no longer supported by the manufacturer from your network.
  • Regularly update network system and account passwords, and avoid reusing passwords across multiple accounts. Replace default or weak passwords with strong, unique credentials.
  • Enforce a robust password policy that includes using strong, unique passwords for all protected accounts, changing default credentials, implementing lockout mechanisms for failed login attempts, preventing password reuse, and securely storing passwords.
  • Enable multi-factor authentication (MFA) wherever possible.
  • Deploy security monitoring tools to log and analyze network traffic, establish baseline activity, and detect anomalies such as lateral network movement.
  • Monitor and review remote access/Remote Desktop Protocol (RDP) logs regularly, and disable unused remote access or RDP ports.
  • Implement application and remote access allowlisting policies to ensure only authorized programs are executed under an established security framework.
  • Regularly audit administrative user accounts, define access privileges based on the principle of least privilege, and adjust permissions as needed.
  • Monitor and audit logs consistently to verify the legitimacy of new accounts and to establish baselines for normal user activity.
  • Conduct network scans to identify open and listening ports, and disable any that are unnecessary.
ADVERTISEMENT