Security cameras are great to help protect homes and businesses, but can be vulnerable to attacks

CCTV cameras have become an inevitable part of keeping our businesses & homes safe. Starting from protecting your livelihood, acting as a crime deterrent, and keeping track of what is happening at the premises where they are installed, the advantages of installing CCTV cameras are many.

As per a report published by IHS Markit, it was estimated that by the end of 2021, there will be around 1 billion security cameras installed worldwide. With the number of security cameras on the rise, organizations & individuals are becoming vulnerable to hacker attacks.

You may find it hard to believe when we say most security cameras are easy to hack. There have been many instances where hackers have tampered with the security system and caused serious losses, or even used the cameras to spy on the people who installed them. What is potentially even more deadly, is the fact that many of these attacks are used for far more nefarious reasons, allowing hackers to sit on a network and collect data like bank account information, credit card info or more.

This article will look at some easy steps both organizations and private users can take to protect themselves from hackers and keep their security cameras and network safer.


Why are Security Cameras Vulnerable to Hackers?

When it comes to digital security, the easier the cameras are to install and connect, the more vulnerable they are to attack. Cloud-based WiFi cameras and P2P Standalone DVRs are the 2 most vulnerable systems on the market today when it comes to security cameras, this is the reason that most professional companies avoid installation of these types of cameras at all costs.

WiFi, Cloud-based and/or P2P (Peer to Peer) connected IP cameras are some of the most popular cameras for retail sales, but they are also the most easily hacked. These cameras connect directly to a customer's WiFi network giving the cameras internet access. This makes for an easy installation process, however easier usually means less secure and that is certainly the case with these cameras. Each of these cameras connect to an outside 3rd party server constantly, and are designed to circumvent the built-in security of your router. This is done intentionally by the manufacturers to reduce the need for technical support, because if your camera has internet, it can reach out to their 3rd party server. When you attempt to connect to your camera through your phone, you actually connect to the 3rd party server and it connects you with your camera. This means that if a hacker finds an exploit in one of those cameras, then they can easily increment the serial number of the cameras and instantly access all of those cameras. Users would not even likely know that their camera has been accessed.

Another type of system that is equally as vulnerable to attacks, are standalone DVRs or NVRs. In these types of systems, the cameras do not connect directly to the internet, but instead plug into a DVR or NVR that converts the video, records the video onto a built-in hard drive and then connects to the internet. Unfortunately, these systems then use the same flawed P2P connection method to connect to a third party server. This makes end-user installation a breeze because no user configuration of a router is required in order to configure the remote access. These DVRs are often even less secure than the WiFi cloud cameras, allowing hackers to easily connect to the DVR by incrementing serial numbers and going through the 3rd party P2P server. These embedded DVRs and NVRs are actually one of the most easily hackable electronics and have been used for many more nefarious problems, such as the 2016 Mirai botnet attack. This botnet attack used many IoT devices, cloud cameras and P2P DVRs and NVRs as well as thermostats and other devices to take down greater portions of the internet for large portions of a day. The cheap price of some of these DVRs and NVRs encourages home and business owners to purchase them, but in many cases they are inviting an easy intrusion to their network.

The best way to help prevent unnecessary security problems for your home or business, is to employ a professional security camera company that specializes in security cameras and who understands network security. Companies like electricians who 'also install security cameras' are not recommended, as they usually employ P2P DVRs and NVRs because they don't understand the network security protocols that are required to help ensure the most secure camera installation while still allowing remote access. Professional security camera companies do not employ the Cloud-based or P2P WiFi camera technologies because they are so vulnerable. Proper HD security camera systems should keep cameras completely isolated physically or virtually from the internet and do not use p2p access for the remote access. Instead, encrypted remote access that forces your phone to connect directly to the router of your internet connection instead of through a 3rd party server. This uses the built-in security of your network router instead of circumventing it, helping to keep your network and cameras secure from prying eyes. We recommend PC based NVR software and NVRs like our AVM NVRs


How Do Hackers Gain Access to Your Security Video Feed?

There are two main ways in which hackers gain access to your video feed.


  1. Access the feed locally

To access the video feed from your surveillance camera locally, the hacker must be within the range of your network. This is possible with many of the Wireless cameras. If your WiFi network is not fully secured, or the hacker has obtained login information by intrusion into the camera through the 3rd party server, then they can login to your WiFi network directly once in range. Now the cameras, or your entire WiFi network can be shut down to stop cameras from recording or access the data on your network to grab information from your computers or other devices.

At absolute minimum, change the default password of your WiFi router and security cameras to ensure that the cameras are at least using a minimum of security. The most common intrusion into cameras is due to end-users not changing their default passwords or using passwords that are easy to guess.


  1. Remote Hacks

Breach of data isn't uncommon these days, and it can be considered the common way hackers get access to your login credentials. If you use the same login to your security cameras that you use for logins to other websites, then hackers might use your information to login to your cameras directly. We recommend keeping your username and password different for your security cameras than what you use for other purposes and changing it frequently to prevent intrusion or guessing.

As said earlier, no system is 100% secure, but there is a lot a user can do to ensure the safety of security footage. All you need to do is invest some time to incorporate relatively simple security measures and precautions.


5 Ways to Improve the Safety of Your Security Footage


  1. Change Default Passwords and Usernames

Most users who install surveillance cameras tend to use the default username and password. This is mostly seen among domestic users who believe wireless network security is an adequate deterrent to keep malicious attacks at bay. But it isn’t so. Most attacks never need your WiFi network information, as they can originate the attack through a cloud or P2P servers.

If you are using the default username and passwords, all the hackers do is to compile a list of devices and try to access them one by one with the default password and username. Do you think it can get easier than this?

Once the system has been installed, spend some time to change the default username and password. Create a password that is difficult to guess and always use a combination of uppercase & lower-case letters, numbers, and symbols while creating a password. Don't use the same passwords that you use for other websites, as those websites might be compromised.

Also, make it a habit to change the passwords often.


  1. Prevent Cameras from Sending Information to Third Parties

Unfortunately, with most cloud-based or P2P style cameras (WiFi cameras that easily connect to the network), it is impossible to prevent them from sending info to the third party server, because the camera will not operate. This is why reputable companies will not recommend installation of these cameras, as they are inherently a security risk. This is why it is important to consult with a security camera professional who knows the technology. If they recommend Cloud-based cameras, then look for a different company that understands the security risks better.

While installing the system, ask the service engineer to isolate cameras from your main network. This prevents your cameras from accessing the internet directly as well as keeping the traffic from IP cameras off of your routers and modems for daily recording. When properly installed, an NVR will span a physically isolated camera network and a network that has internet access, so that when you access your cameras you connect directly to your camera system, not through a 3rd party server. Also this will ensure that all of your video is stored securely within your facility.

Get a Safe Home Security Camera System


  1. Keep Software Updated

Ensure that you keep the device’s firmware and software of all network devices updated. Updated software ensures better security than outdated ones, as often there are patches that fix vulnerabilities that have been discovered.


  1. Restrict the Number of People with Access to Footage

Ideally, irrespective of where you have installed the surveillance camera, access to the footage should be restricted to a minimal number of people. Ensure that you always control who has access to the footage and that it is only used only for intended purposes. Also set up individual passwords for each individual and only grant administrative access when required. This permits you to remove individuals from access to the video when needed. Enterprise grade systems like our AVM NVRs and NVR Software provide the ability to provide complete control of what a user has access to view and control in the system. Lesser camera systems often only have 1 or 2 levels of control. Select a system wisely, and ask questions about the security and user access.


  1. Store the Security Footage Locally

Though cloud storage may seem more convenient than storing the footage locally, know that it comes with a price. Allowing cloud access to security footage will make it vulnerable to hacks against your business or personal data. Also, courts have ruled that video stored in a cloud belongs to the owner of the server, not to the individuals who installed the cameras. This means that police can potentially subpoena your video even without your knowledge and even use your security camera footage against you. It is important to understand your rights and who actually owns your video. Storing video locally will also greatly reduce the load on your internet connection. With the upload speeds of today's internet connections, even 1 or 2 cloud based cameras will prove to be too much for the internet and the quality and framerate will be reduced greatly.


How to Know If You've Been Hacked?

Well, it can be quite tricky, especially for an untrained eye. Many attacks could penetrate your system without any signs or symptoms.

With many attacks, without being a network security specialist, you would likely not even notice. In the case of cloud cameras, they are always sending video over the internet, so you would not even notice with network load. With cloud based cameras, your cameras can potentially be hacked without leaving a trace, because the connection is happening on the 3rd party server, not on your network at all. In some cases, when the system is under attack, its CPU would have to work hard, making the entire system lag or video to get choppy. Unfortunately, slow networks can cause similar symptoms.

There are many free traffic monitoring tools available in the market that you can use to monitor your network traffic, but most end users would not be able to really decrypt that information to find out if an attack is underway.


Summary

As said earlier, most attacks happen without raising any alarm, and it can be challenging to spot an attack. Follow the recommendations mentioned in the article to keep your security footage safe. Head to this website for more information.