Kaspersky Lab discovers severe flaws that could transform popular smart cameras into surveillance tools

Posted on Mar 13 2018 - 10:12am by Upgrade Staff

Kaspersky Lab researchers discovered multiple security vulnerabilities in popular smart cameras that are frequently used as baby monitors, or for internal home and office security surveillance. According to the research, the uncovered flaws could allow attackers to obtain remote access to video and audio feeds from the cameras, remotely disable these devices, execute arbitrary malicious code on them and do many other things.

Modern smart cameras offer a large number of functions, giving users various opportunities: people can use them as advanced baby monitors or in surveillance systems that spot intruders while no one is home or in the office. But are these cameras secure enough by design, and what if such a smart camera started watching you instead of watching your home?

Previous analysis conducted by many other security researchers has shown that smart cameras in general tend to contain security vulnerabilities at different levels of severity. However, in their latest research, Kaspersky Lab experts uncovered something extraordinary: not just one, but a whole range of smart cameras was found to be vulnerable to a number of severe remote attacks. This was due to an insecurely designed cloud-backbone system that was initially created to enable the owners of these cameras to remotely access video from their devices.

By exploiting these vulnerabilities, malicious users could execute the following attacks:

  • Access video and audio feeds from any camera connected to the vulnerable cloud service;
  • Remotely gain root access to a camera and use it as an entry point for further attacks on other devices on both local and external networks;
  • Remotely upload and execute arbitrary malicious code on the cameras;
  • Steal personal information such as users’ social network accounts and information which is used to send users notifications;
  • Remotely “brick” vulnerable cameras. (To brick a device means to cause it to become completely unable to function, typically on a permanent basis.)

Following the discovery, Kaspersky Lab researchers contacted and reported the vulnerabilities to Hanwha Techwin, the manufacturer of the affected cameras. At the time of publication, some vulnerabilities had already been fixed, and the remaining vulnerabilities are set to be completely fixed soon, according to the manufacturer.

All these attacks were possible because experts found that the way the cameras interacted with the cloud service was insecure and open to relatively easy interference. They also found that the architecture of the cloud service itself was vulnerable to external interference.

It is important to note that such attacks were only possible if attackers knew the serial number of the camera. However, the way in which serial numbers are generated is relatively easy to find out through simple brute-force attacks: the camera registration system didn’t have brute-force protection.
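The missing control described above can be sketched as a per-source throttle on registration attempts that name unregistered serial numbers. This is an added example, not code from Kaspersky Lab or the vendor; the serial format, thresholds, class and function names are all assumptions made for illustration.

```python
from collections import defaultdict, deque

WINDOW_SECONDS = 60      # assumed look-back window
MAX_UNKNOWN_SERIALS = 5  # assumed limit of distinct unknown serials per source

class RegistrationGuard:
    """Throttle sources that submit many distinct unregistered serial numbers."""

    def __init__(self, window=WINDOW_SECONDS, limit=MAX_UNKNOWN_SERIALS):
        self.window, self.limit = window, limit
        self._failures = defaultdict(deque)  # source -> (timestamp, serial)

    def is_blocked(self, source, now):
        q = self._failures[source]
        while q and now - q[0][0] > self.window:  # drop entries outside window
            q.popleft()
        return len({serial for _, serial in q}) >= self.limit

    def record(self, source, serial, known, now):
        """Return True if the attempt may proceed, False if it is throttled."""
        if self.is_blocked(source, now):
            return False  # rejected before any serial lookup happens
        if not known:
            self._failures[source].append((now, serial))
        return True

def replay(events, registered, guard=None):
    """Feed (timestamp, source, serial) events through the guard; count rejections."""
    guard = guard or RegistrationGuard()
    throttled = defaultdict(int)
    for ts, source, serial in sorted(events):
        if not guard.record(source, serial, serial in registered, ts):
            throttled[source] += 1
    return dict(throttled)

# Constructed sample data (documentation IP ranges, made-up serial format).
REGISTERED = {"CAM-0006", "CAM-9001"}
EVENTS = [(t, "203.0.113.7", f"CAM-{t:04d}") for t in range(8)] + [
    (2, "198.51.100.4", "CAM-9010"),   # owner mistypes a serial once
    (20, "198.51.100.4", "CAM-9001"),  # then registers the right one
]

if __name__ == "__main__":
    print(replay(EVENTS, REGISTERED))
```

A per-source counter does not cover guesses spread across many addresses; a global rate limit on unknown-serial lookups covers that case.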

While doing their research, Kaspersky Lab experts were able to identify almost 2,000 vulnerable cameras working online, but these were only the cameras that had their own IP address, hence were directly available through the internet. The real number of vulnerable devices placed behind routers and firewalls could actually be several times higher.

In addition, researchers found undocumented functionality that the manufacturer could use for final production testing. At the same time, however, criminals could use this hidden avenue to send wrong signals to any camera or change a command already sent to it. Besides that, the feature itself was found to be vulnerable: it could be further exploited with a buffer overflow, potentially leading to the camera’s shutdown. The vendor has now fixed the issue and removed this feature.

“The problem with current IoT device security is that both customers and vendors mistakenly think that if you place the device inside your network, and separate it from the wider internet with the help of a router, you will solve most security problems – or at least significantly decrease the severity of existing issues. In many cases this is correct: before exploiting security issues in devices inside of a targeted network, one would need to gain access to the router. However, our research shows that this may not actually be the case at all: given that the cameras we investigated were only able to talk with the external world via a cloud service, which was totally vulnerable,” said Vladimir Dashchenko, head of vulnerabilities research group at Kaspersky Lab ICS CERT. “The interesting thing is that besides the previously-described attack vectors such as malware infections and botnets, we found that the cameras could also be used for mining. While mining is becoming one of the main security threats facing businesses, IoT mining is an emerging trend due to the growing prevalence of IoT devices, and will continue to increase.”
