I recently received a call from a panicked integrator friend of mine. His customer’s security cameras had all gone dark. When he arrived at the customer’s home to investigate, what he found was more than a little disconcerting.
The network DVR had been hacked! All 16 cameras had been renamed “Hacked1”, “Hacked2”, etc., and the brightness was adjusted to zero. While the attacker could have certainly been more malicious, the idea of having security cameras hacked can be rather unsettling as it is an intrusion on your personal and physical space. Just imagine what this attacker could have done.
When checking the logs, my friend found that the attacker had logged into the admin account at 11:37 pm at night. The DVR had logged the IP address of the login, which geo-located to Poland, but in reality could have originated from anywhere.
My friend was most interested to know how the attacker had gained access to the system. Immediately, I asked whether he happened to have port forwarding enabled for the DVR’s IP address for remote access. He responded in the affirmative. I explained that port-forwarding for a DVR was a bad practice for this very reason—IP ranges can be scanned and IP addresses can be scanned for open ports. But, “how else can the customer access the DVR remotely?” he asked.
For the next several minutes we discussed the importance of placing more emphasis on the customer’s security as well as the options and methods to deliver more secure remote access, including VPN, cloud-based camera storage, and remote monitoring and management (RMM). I also reminded him that had he previously installed an RMM solution, he could have easily connected remotely (and securely) to restore the system’s functionality within minutes after he received the call from his customer—all without leaving his home office.
The reality is that consumer electronics (even professional/commercial grade products) will always have vulnerabilities. Hackers will always be looking for those vulnerabilities, finding them and exploiting them. With an ever-growing number of IP-enabled devices being deployed on the average network, it’s more important than ever that we as manufacturers and integrators focus on the security of our customers’ networks and data.
So, let my friend’s recent experience be a good reminder and warning to us all. As an integrator or service provider, if you haven’t taken the time to educate yourself on network security, you’re overdue. If you aren’t already taking steps to proactively monitor and manage your customers’ systems remotely, you’re behind.