Smart cams, i.e. remote-controlled cameras that are connected to the Internet of Things and can be used via apps or remote computers, continue to grow in popularity. Often used as baby monitors or for surveillance, they have recently become increasingly popular targets for cyber criminals.
Kaspersky Lab recently discovered that a variety of devices can be accessed remotely without authorization. This makes it possible to steal audio and video recordings, to swap out the video signal the way it is done in feature films, to upload and execute malicious code – or to switch the devices off and destroy them completely!
The sad record for vulnerable smart cams currently seems to be held by the former Samsung subsidiary Hanwha Techwin from South Korea. Kaspersky’s specialists discovered a total of 13 vulnerabilities in the code of the tested devices and in their connection to the cloud. Nevertheless, the cameras concerned continue to be sold, and many (online) retailers still carry these devices in their product range.
Hanwha Techwin does not only produce smart cams. Its portfolio also includes self-propelled tank artillery guns such as the “K9 Thunder”, self-propelled systems such as the “Samsung SGR-A1” and CCTV systems. The above-mentioned military equipment is currently in use, e.g. in Turkey and South Korea.
Kaspersky could not find out anything about the “cyber security” of the war machines. The biggest weakness of Hanwha’s smart cams, however, was the connection to the cloud. Not only was communication with it insecure, the architecture of the service was also highly susceptible to failure. To attack a camera, potential attackers would only need to know its serial number, and these numbers are relatively easy to find out through brute force attacks.
Kaspersky Lab discovered nearly 2,000 vulnerable cameras that could be accessed directly from the Internet via their own IP addresses. However, the actual number of vulnerable smart cams behind routers and firewalls is likely to be much higher.
“The problem with current IoT device security is that both customers and vendors mistakenly think that if they integrate the device into their network and disconnect it from the Internet using a router, they will solve most security problems – or at least reduce the severity of the existing problems…
However, our investigations show that this does not necessarily have to be the case: The cameras we examined could only communicate with the outside world via a cloud service that is completely vulnerable.” – Vladimir Dashchenko, Head of Vulnerabilities Research Group, Kaspersky Lab ICS CERT.
There is still much to do on security in the Internet of Things.