Skip to content
Wealth Business

Wealth Business

Their Business

Primary Menu
  • Wealth Business
  • Advertise Here
  • Contact Us
  • Privacy Policy
  • Sitemap
  • Home
  • Thousands of webcams vulnerable to attack
  • Financial Function

Thousands of webcams vulnerable to attack

By Vincenzo Sieja 4 months ago

More than 15,000 webcams in homes and offices can be accessed by members of the public and manipulated over just an internet connection.

Many security and conferencing cameras can be accessed remotely by anyone if users implement no additional security measures post-installation, according to findings by Avishai Efrat, a white hat hacker with Wizcase. In other cases, these cameras are set with predictable passwords or  default user credentials.

Webcams susceptible to this include AXIS net cameras, the Cisco Linkys webcam (now owned by Belkin), and WebCamXP 5 software, among many others in countries all across the world.

Many may assume that only devices like routers can be exposed in this way, given they serve as gateways that connect other devices with each other. Webcams, however, can also be accessed remotely in a similar way via peer-to-peer (P2P) networking or port forwarding. It’s through these mechanisms that Internet of Things (IoT) devices, too, can be hacked.

“Is it possible that the devices are intentionally broadcasting? We can only determine this for on certain webcams that we’re able to access the admin panel for,” said Wizcase’s web security expert Chase Williams.

“They’re not necessarily broadcasting, but some may be open in order to function properly with apps and GUIs (interfaces) for the users, for example.

“Also included with some measure of frequency are specifically designated security cameras at places of business, both open and closed to the public which begs the question, just how much privacy can we realistically expect, even inside an allegedly secure building.”

While it’s difficult to know who owns such devices from technical information alone, cyber criminals may be able to ascertain such details using context from videos. Potential attackers can also glean user information and estimate the geolocation of the device in cases where they have admin access.

With the information made available by the unsecure webcams, Wizcase suggests cyber criminals can change settings and admin credentials, obtain bank and payment information, or even give hostile government agencies a glimpse into people’s private lives.

The vulnerabilities can be explained by the fact that manufacturers aim to make the installation process as seamless and user-friendly as possible. This, however, can sometimes result in open ports and no authentication mechanism being set-up.

In addition, many devices aren’t put behind firewalls or virtual private networks (VPNs), which could otherwise offer a measure of protection.

“Standalone cams are notorious for not being secured properly,” said Malwarebytes’ lead malware intelligence analyst Chris Boyd.

“If you have a cheap IoT device in your home watching over your sleeping toddler, or a few handy cams serving as convenient CCTV when you head off to the shops, take heed. It may be that the price for accessing said device on your mobile or tablet is a total lack of security.

“Always read the manual and see what type of security the device is shipping with. It may well be that it has passwords and lockdown features galore, but they’re all switched off by default. If the brand is obscure, you’ll still almost certainly find someone, somewhere has already asked for help about it online.”

Wizcase has suggested that whitelisting specific IP and Mac address to access the camera should filter those with authorised access, and prevent attackers from being able to infiltrate a user’s network.

Adding password authentication, and configuring a home VPN network, too, can mean remotely connecting to the webcam is only possible within the VPN. UPnP should also be disabled if people are using P2P connections.

Featured Resources

An IT executive’s guide to automation

The need for transformative automation

Free Download

The innovator’s shift to composable ERP

How to modernise with as little risk as possible

Free Download

The new normal: The future role of finance

The changing role of the finance function during business disruption

Free Download

Integration tools and strategies for SAP S/4HANA

Tackling some of the world’s greatest technology challenges

Free Download

Tags: American Express Business Cards, Att Business Customer Service, Att Business Internet, Att Business Login, Bad Business Codes, Bank Of America Small Business, Buffalo Business First, Business Administration Jobs, Business Administration Salary, Business Analyst Jobs, Business Card Dimensions, Business Casual Female, Business Casual For Women, Business Casual Women Outfits, Business Ideas 2021, Business Letter Example, Business License California, Business Name Search, Business Process Reengineering, Business Proposal Template, Buy A Business, Card For Business, Chase For Business, Chase Ink Business Card, Columbia Business School, Costco Business Center San Jose, Emirates Business Class, Facebook Business Account, Fictitious Business Name, Florida Business Entity Search, Ga Sos Business Search, Georgia Business Search, Google Business Email, Houston Business Journal, Illinois Business Search, Instagram Business Account, Is Lularoe Still In Business, London Business School, Master Of Business Administration, Men'S Business Casual, Pittsburgh Business Times, Qualified Business Income Deduction, Sacramento Business Journal, Secured Business Credit Card, Standard Business Card Size, T Mobile Business, Texas Business Search, Tië³´o The Business, Top Business Schools In Us, Types Of Business

Continue Reading

Previous LetGetChecked Appoints Nigel Clerkin as Chief Financial Officer
Next Assam gives one-time financial assistance to Rongali Bihu celebration committees

Recent Posts

  • Electronic Home Equipment Showroom In Bhopal
  • Rhode Island business news: July 2022
  • Central Pacific Financial (CPF) Q2 2022 Earnings Call Transcript
  • Thursday headlines: McMaster, Evette to be GOP gubernatorial ticket again
  • Muse Finance Announces New Advisory Board

Archives

  • August 2022
  • July 2022
  • June 2022
  • May 2022
  • April 2022
  • March 2022
  • October 2021
  • August 2021
  • July 2021
  • June 2021
  • May 2021
  • April 2021
  • March 2021
  • December 2020
  • November 2020
  • November 2018
  • October 2018
  • January 2017

Categories

  • Business & Finance News
  • Business Finance & Support
  • Business Headlines
  • Financial Function
  • Internet BusinessEmail Marketing
  • Wealth Business

visit now

Example
Intellifluence Trusted Blogger

backlinks

textlinks

buybacklinks.online/product/web-design-guest-post 

bestwindshieldwipers2019.xyz © All rights reserved. | Magazine 7 by AF themes.