Default passwords make IP cameras surprisingly easy to hack
Over 380,000 public-facing cameras have been discovered online
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Following the recentbreach of the startup Verkadathat allowed hackers to access thousands of security cameras including in jails and even Tesla offices,CyberNewsdecided to conduct its own investigation to find out if there are more public-facing cameras that can be easily accessed.
To conduct its research, the news outlet analyzed cameras connected to the internet worldwide made by the 30 most recognized manufacturers. In the end,CyberNewsfound 380,000 remote-access cameras with 27 brands selling their products with default credentials.
The exposed cameras it discovered online are all CCTV/IP camerasthat can be used for CCTV surveillance both outdoors and indoors. This means that they could be recording everything from a remote parking lot or warehouse to a smart doorbell or baby camera.
What shockedCyberNewsthe most is the fact that the vast majority of these devices shipped withdefault credentialswhich if not changed before use, can leave them open for anyone to view. Default passwords from top IP camera manufacturers are just an online search away and even those with few technical skills could potentially access these cameras.
Exposed IP cameras
When it came to the countries with the highest number of public-facing cameras, the US topped the list followed by Germany with over 50,000 cameras while China came in third with just over 25k.
CyberNews' research indicates that the Chinese camera manufacturerHIKVisionhas the largest number of public-facing cameras online and the news outlet identified 124,000 of the company’s cameras in use worldwide. However, they do not ship their devices with default passwords according to a company spokesperson that reached out toTechRadar Proover email, saying:
“As a leading manufacturer of security cameras, Hikvision does not deliver cameras with a default password, and we have full implementation of a secure-by-design production process.”
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
The US-based manufacturer HIPCam came in second on the researcher’s list with at least 85,000 cameras connected to the internet.CyberNewsalso identified over 73,000 public-facing cameras from the Taiwanese manufacturerD-Link.
To avoid being spied on online, both businesses and consumers should immediately change the default passwords of their security cameras after purchasing a new device. If you’re unable to create a strong, complex password on your own, you can always use apassword generatorto create one for you and manypassword managersnow include this capability as well.
ViaCyberNews
After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.
This new phishing strategy utilizes GitHub comments to distribute malware
Should your VPN always be on?
Sonos Arc Ultra review: the best one-box Dolby Atmos soundbar for the price, with one grating flaw
