Is your CCTV vulnerable to a network attack?

Connecting CCTV systems to the Internet is very common these days, it gives the user the ability to view and control their CCTV systems remotely.

However, we have found that a high proportion of internet connected systems are vulnerable to attack, either pre-meditated, or using automated ‘bots’.

Such attacks can render a CCTV system useless by either corrupting or deleting the settings, deleting video recordings, or preventing access to the device (Denial of Service attack). They can also be used to cause damage to other devices that are connected to the CCTV system.

In this blog I will highlight some potential vulnerabilities, and give you 5 simple steps to reduce the chances of your CCTV systems being attacked.

Why are Internet connected CCTV systems attacked?

It is unlikely that a hacker or bot wants to attack your CCTV system at all, they are more likely looking for web servers or file servers that they can gain access to.

Unfortunately, modern IP connected CCTV systems often have web servers and file servers built into them which are used to configure the system using web pages, display video images, or download archived video footage.

So even though your CCTV system may not be a prime target for a bot, it can still do some serious damage to your system if they can gain access to it.

How are Internet connected CCTV systems vulnerable?

There are many reasons why a CCTV system may be vulnerable to an attack. The most common being:

  1. The device responds to Ping requests.
  2. It’s using common IP socket ports such as port 80 (HTTP), port 21 (FTP), and port 23 (Telnet), or the default ports.
  3. A low strength password is being used, or the password has not been changed from the manufacturer’s default.
  4. The system is open to connection from any source.
  5. There are vulnerabilities within the DVR software/firmware.

This isn’t an exhaustive list, but these are the most common reasons why internet connected CCTV systems are vulnerable.

How do I make my Internet connected CCTV systems less vulnerable?

In the first instance, it is worth addressing each of the points above to see if there are immediate issues which can be resolved:

  • Ensure the CCTV system does not respond to Ping requests – Ping is a method used to detect whether an IP device is connected online. If the DVR (or the router it is connected to) responds to Ping requests, it may alert potential attackers that a device  is available to attack. Turn off Ping response in the Router and DVR to prevent this from happening.
  • Change the IP port that is used to access the unit over the Internet –  If the DVR is using port 80, 21, or 23, see if these can be changed on the DVR itself. If that is not possible, change the router settings to use Port Forwarding, so that traffic on a specific incoming port number will be forwarded to the correct port of the DVR on the network. For example, you could forward any traffic on port 3080 to the DVR on port 80, so any external connection to the IP address on port 3080 will get through, but connections to port 80 will not. You can find out more about Port Forwarding HERE
  • Change the password on the CCTV System– ALWAYS change the manufacturer’s default password. Also, have a mix of uppercase and lowercase letters and digits to strengthen the password, for example “A$kMe” is much stronger than “askme”. You can check your password strength HERE
  • Configure your router’s Firewall – Do you really want to allow anybody on the Internet to have access to your CCTV system? The firewall within your router will allow you to limit access to your CCTV to certain IP address ranges or MAC addresses.
  • Ensure that the firmware on the CCTV System is up to date – Manufacturers may address any security or vulnerability issues with newer firmware, always ensure you have the latest firmware to ensure that you have added protection.

There are other methods of increasing security of your Internet connected CCTV systems which are way beyond the remit of this blog, but by implementing these five simple steps, you can reduce the chances of your CCTV system being attacked.

One thing to remember is that a CCTV system is basically a PC, they may not look or operate like one, but underneath they will be running an operating system which may well be Windows or Linux based, meaning that they are vulnerable to the same sorts of threats as desktop PCs.

It’s worth bearing in mind the next time you put one of your customers’ CCTV systems online.

Why is your CCTV not password protected?

We’ve all seen the recent stories of pretty much any device or account being hacked for malicious means; phones, bank accounts, email accounts, Twitter, Facebook etc. etc.

But what about CCTV systems? There are more and more systems being connected online to allow remote viewing, but how safe are they from hackers?

Whilst we have been installing CheckMyCCTV on customers’ sites, it’s been astonishing just how many systems either use the manufacturers default password, or no password at all – 8 out of 10 CCTV systems were using the manufacturers default password.

If a CCTV system is connected to a broadband line and is using the default passwords it can be very easy for an unauthorised user to gain access and do some or all of the following:

  • View and copy images from the CCTV system.
  • Reboot or shutdown the system.
  • Stop cameras from recording.
  • Disable alarms or connection to a Remote Video Receiving Centre (RVRC).
  • Delete or overwrite recordings.
  • Lock out authorised users.

You wouldn’t install a lock and give a key to anyone who happens to knock on the door – which is exactly what you’re doing if you don’t change the default passwords.

Check with the manufacturer regarding how to change the passwords, and put it on your checklist to complete before signing the site off – The integrity of your customers’ CCTV system and your reputation may depend on it.