Distributed Denial of Service attacks against internet connected devices are increasing year-over-year not just in the amount, but also in persistence, complexity, and sophistication. As recent attacks such as the Mirai botnet would indicate, this is only going to continue to grow. The Mirai malware spreads by scanning the internet for IoT devices, including routers, that are protected only by default usernames and passwords to infect and hijack them to carry out DDoS attacks.
As the number of IP cameras around your home and business increase, so do your chances of being hacked. IP cameras and internet-facing devices pose a serious threat that similar non-connected devices don’t have to worry about. They increase the number of gateways into your home and business by introducing weaknesses that didn’t already exist.
Now the devices that we rely on for security and privacy are the same devices that are susceptible to malicious attacks.
If you have an IP system, this checklist will help you secure your camera system.
- Find which cameras are on your network are vulnerable: You can download a tool from the camera manufacturer’s website. Alternately, we have developed a handy tool that can check your cameras for the the most commonly used/default passwords to see if they are vulnerable to being hacked. Download the free tool here.
- Check the list of affected cameras: For cameras that are vulnerable to the Mirai botnet, we have compiled a list with links to manufacturer’s websites. You can download the list here. Look up the make/model for each of your cameras and compare against this list- Camera Device Manufacturers List. If your camera manufacturer is on this list, you must act immediately to secure it.
- Change factory default passwords: All cameras come from the factory with default passwords that are well known and must be changed. This is a vulnerability because the administrator login provides a lot of control over the camera and it must be protected using a secure password. Try to login to your cameras using the factory password. If the default password works, change it immediately to a secure password. We recommend a minimum of 8 characters and using a combination of upper and lower case letters, numbers and special characters. Note that if you have a recorder (NVR) on site, you will have to enter the new passwords for each camera in the recorder.
- Use unique passwords: For added security, it is recommended that each camera have a unique password. This ensures that should one camera be compromised; a hacker cannot easily break into other cameras with the same credentials. Store passwords in a secure place, there are multiple applications and password managers available for this purpose.
- Update firmware frequently: Cameras are effectively computers that run software, which is called firmware. Manufacturers publish updates to their firmware periodically. Updated firmware may include bug fixes and new features, and increasingly will include patches that fix vulnerabilities when they are discovered. Find out if your manufacturer supports firmware updates, which are typically downloadable from the Support page of their website. Download and apply the latest firmware and be sure to check at least once a month for updates.
Sounds like a lot of work to secure your security system.