More than 3.5 million assets made in China IP cameras are only protected by a provider’s default key codeor completely unprotected, putting users at risk of espionage, experts warned.
New research of cyber news (opens in a new tab) found more than 458,000 devices protected by default credentials only operating in the US alone, along with nearly 250,000 in the UK, with countries like Mexico, China, the Republic of Korea, India, Brazil and Russia also listed on the list.
At least 21,000 cameras around the world lack any authentication, raising questions about invasions of privacyand the impact that IP cameras are having on the global increase in Cyberwar.
security camera passwords
All devices connected to the Internet are at risk of being accessed by unknown and potentially malicious third parties. In the case of security cameras, threat actors can access the live feed, record sensitive personal data, and use the camera as a vulnerable final point in a network
Researchers for cyber news They are concerned that all of the camera brands you found in your review have products in the works that can work without changing the default password, or at all. These include Hikvision, HIPCam, Cisco, Toshiba, and Linksys.
It’s not all bad news though. The latest products from the most popular camera manufacturers are programmed, either by model or firmware version, to force users to set a password, or generate a single random one.
96.4% of cameras cyber news tested belonged to these brands, but it is worth noting that this does not mean that 96% of connected cameras benefit from increased protection.
Hardware devices often age, become depreciated by the manufacturer, and become ineligible for firmware updates, which can also lead to security patches. The vast majority of connected IP cameras will not be the newest models requiring, or at least recommending, healthy password security practices.
Where we are now is certainly an improvement on the results of cyber news‘ research on this very topic last year, which found that only 5.3% of cameras require setting a password.
The world is gravitating toward cyber warfare in the wake of the Russia-Ukraine conflict and China’s growing reputation as a surveillance provider, with data hijacking Y DDoS Attacks become especially common.
With that, there are growing fears about how devices from popular IP camera brands, such as China’s Hikvision, could be used by state-sponsored threat actors.
cyber news reported that, at least until December 2022, Hikvision advertised “demographic profiling facial analysis algorithms” as part of its products on the company’s website, but that after an investigation (opens in a new tab) by The Guardianthe ads were removed.
Some Western democracies have withstood the growing influence of foreign surveillance technology better than others in recent years.
In July 2019, then UK Prime Minister Theresa May receded (opens in a new tab) of his plan to allow Chinese company Huawei to help develop the country’s 5G infrastructure following US pressure and in September 2020, The Guardian reported (opens in a new tab)that US blacklisted Hikvision cameras were installed in UK entertainment centers and, alarmingly, in school toilets.
However, things are moving in the right direction.
In November 2022, the United Kingdom forbidden (opens in a new tab) Chinese surveillance equipment of “sensitive” government sites, while the US Federal Communications Commission (FCC). adopted rules (opens in a new tab) prevent “communications equipment deemed to pose an unacceptable risk to national security” from being imported or sold into the country.