Hope the hackers didn't see me yesterday...
..trying to wrestle a Twix out of the vending machine...very embarassing.
DVR systems from Hikvision have vulnerabilities that open the door to hacking, security researchers have warned. Digital Video Recorders (AKA Network Video Recorders), such as those from the likes of Hikvision, are used to record surveillance footage of office buildings and surrounding areas. However, the range of …
I have seen a number of cheapo CCTV systems. Often picked up from some random Chinese source by the "son" of the owner of the business. Installed by that same person. And then just left running...
Every one of these I have seen has had the default passwords still in place. These are are of course those oh so secure choices like 1234 or password.
Staff rarely know how they work - a lot of the time they don't even know how to review the recorded footage. But then if you were a low paid restaurant employee would you really care?
I am amazed more of these systems don't get hacked.
I saw a case some years ago where a system was hacked and then remotely upgraded because it was so old that the code they loaded initially wouldn't run.
The problem with "utility" devices is that the manufacturers never bother to update the OS so backdoors and the like never get fixed. You want that backdoor fixed son? Buy a new one.
A bunch of cheap China Cams bought on ebay recently not only had dodgy ActiveX controls (something I am used to - So always initially re-rlash them and configure them within a secured snapshoted VM) but also included P2P firmware which essentially, by default, broadcasts the camera on teh inter webs! (all you need to know is the device ID - which the seller invariably will.
I noticed several IP cams on ebay where the seller is actually asking the buyer NOT to upgrade the firmware!
I use IP cams for rudimentary external security - they are on a separately fire-walled VLAN, do not have internet access and stream to a synology box (via Onvif) which is only accessible externally via VPN.