The Dark Side of IP Surveillance

The last decade has been very crucial in shaping the security scenario of the

world. After 9/11 attacks the world security agencies have taken strict actions

in deploying surveillance solutions to make the security infrastructure stronger

and fault tolerant. However with increase in the sophistication of the

surveillance systems, there has been increase in manipulating and working around

such systems. The attempts are not only made by the hackers trying to peep into

the sensitive data just for the sake of fun but many others are making millions

by selling these sensitive and critical information of companies and government.

The recent 26/11 attacks on Mumbai have raised further concerns about the

national security so the governments all over the world are now trying the

preventive measures to avoid further such encounters. One such major solution

came up after the incident was to deploy CCTV (close circuit TVs) across the

major public places throughout the country.

This is where video surveillance plays a critical role since video

surveillance solutions provide real time pictures and monitoring of the current

situation of the place. So as we can see, the main concern of government is to

increase and improve the security practices through the mass deployment of video

cameras which are connected to a specified network and provide live videos for

intelligence.

Now moving our attention to the enterprises, we see an equal need of

surveillance systems. Many times video cameras are deployed to monitor the

performance of employees, however it also contributes in keeping check on other

issues like physical theft. The live feeds help the administrator or security

professional to respond immediately. In this part we will be discussing the

reasons why IP-based video surveillance has become an easy target for hackers

and what are the loopholes in the security structures and practices followed by

the network admins and the security personnel and a small part of the article

shall cover how they can be manipulated if not restricted properly,

Surveillance as a threat to your privacy?



How can we consider surveillance as a threat to the privacy. The surveillance
cameras deployed inside malls, theaters and medical stores, and banks many times

depict your general habits and let the people (cops) at the back end know much

more about you than you actually want to let others know. And if that feed is

available to wrong hands, it could become a serious privacy hazard. Well this is

only one part of the threat. If we look at the enterprise level, the scenario

changes a little bit, here the surveillance solutions monitor employees as well

as keep a check on the physical intrusions by someone. And again, if the camera

is IP-based, then it can very easily be hacked within the network. We talk about

some such techniques later.

Live feeds from unrestricted network cameras deployed on the roadside. It shows views of three different places within a city.

CCTVs and IP cameras



A major difference between CCTVs and IP cameras is that the former doesn't allow
the captured images to go out of the building premises in majority of the cases.

This means data is never exposed to the outside world. However IP cameras can

transmit live video images across the Internet, which makes it possible to

monitor a location from anywhere in the world. IP cameras allow the user to

monitor and record live video through LAN or over the Internet. Other prominent

features of IP cameras are: they allow a two way communication and full sight

and vocal/audio capabilities. Plus, they also provide you remote focusing and

movement using a web interface. Now with these advantages over CCTV, IP cameras

have surely gained importance and popularity. However, these cameras can also

cause real time security blunders if they are not configured properly.

A live video feed. Here you can manipulate the PTZ features of the camera without requiring any credentials.

Like computer networks, IP surveillance systems are vulnerable to attacks

such as ARP poisoning, rouge DHCP server, subnet hopping and eavesdropping. Any

person with a basic understanding of networking can attack these systems and

easily manipulate them. Another important vulnerability of these networks is

that you never know if the device which is sending the data to the monitoring

systems is the intended one or a hacker's notebook. Another weak point of these

cameras is that many cameras run internal HTTP servers instead of HTTPS for

administrator log ons, this exposes user names and passwords to be transmitted

over the network in plain text format. Because these cameras send unencrypted

information over LAN or Wan or both, there is a high probability that the data

is used by unauthorized users who can gain access and use information for their

own interest (good or bad).

Now let's assume that the camera which you are using is using the

state-of-the-art security technologies and is hack proof. But what if the admin

forgets to give a username and password? Or if he doesn't realize that the

camera is hooked to the Internet, and can be viewed by everyone in the world if

not restricted properly. You might argue that now someone will know the link of

your camera to use it. But believe me it is just a matter of doing a Google

search. Lets see how.

Hack using Google



Unsecured cameras can be used as spying tools. If you Google some common URL
strings which are present in most of the cameras you will find many live camera

feeds. These cameras are deployed on various public locations and some also show

live videos of those places. Just type unsecured IP cameras and you will find

many sites who list links to those cameras. Doesn't that sound scary? You might

be thinking what wrong could have happened in such a case. To understand this,

let's assume that there is a terrorist attack on a hotel. Now when the

terrorists are inside the hotel, they can just hook themselves into the Internet

and can find and see the security camera feeds which is generated at the road

outside if the camera is not secured properly. And this can help them see the

activities by the Cops and plan their next move. And to see how easy it is to

get links for such unsecured cameras. Just type “inurl:veiw/index.shtml” into

the search bar of any search engine and you will find many results. Just click

on one of the results and you will see a network camera sending live feed to

your machine. With the help of buttons present on the web interface you can also

PAN, TILT or zoom into the location you like. While somebody might argue if that

really is hacking? It is not, but this can be a real value or vulnerability for

a person who is planning a theft or robbery or even a terrorist activity. Apart

from this, many feeds images may be from other places like retail shops, malls

which give an opportunity to get a map of the place and the person can plan an

attack without getting into the hassles of visiting the place and getting

noticed.

A simple Google search gives you a live feed.

Network hacks



Another way of exploiting these cameras is to actively intrude a network and
manipulate videos. However this is a tough task to do since the intruder has to

be present within the network to carry out an attack. If the intruder manages to

enter the local network of an enterprise or any surveillance network then he can

manipulate the video feeds of the camera. For example, he can replace a live

view with the static image, or can just install a rogue camera within the

network and show it as the legitimate device of the network. The problem can

happen due to either an improperly configured IP camera or a lack of security

know-how of the installer. Not using a strong password is another reason that

makes your surveillance systems vulnerable to attacks.

Next month we shall show how to use some free tools to take care of these

attacks.

Nidhi Sharma