I have seen time and time again customers blaming our recorders for their network being insecure and vulnerable. Unfortunately, many times this misinformation (alternative facts) comes from the media being ignorant or not technically informed. Most cases involve someone (see *User Error) deliberately making statements in order to gain views/hits. This article is not clickbait but highly informative for those seeking better security for their networks (Security Camera Router) and peripheral devices.
This article covers our DVR / NVR security recorders and any other recorders. The security recorder will only allow for a certain set of instructions, but it is small enough for it to be involved in a widespread DNS attack. The code resides only in the ROM (read-only memory); this means that as soon as you TURN OFF the unit the malicious code is no longer there, and another DEVICE or person (*User Error) needs to reinject it.
With that said, educating the customer as to what is happening and how to mitigate it is what we need to do. Unfortunately, there is not much we can do, as we can only support our equipment, and in many cases customers have multiple devices (*User Error) that can participate in the re-infection of the recorder.
UPnP (Universal Plug and Play) comes turned on in some recorders. You must disable this feature and make sure that it stays turned off. From our constant opening of ports we have found that, the majority of the time, Time Warner, Comcast, and other derived routers, especially the “ALL in ONE” router/modems, have UPnP on. This enables any device to open the ports that it has on its list, including the telnet port “23”, and this is where the malicious attack vector comes into play. For any Security Camera King product, call our Free US-based Technical support and our security surveillance experts can assist you with disabling vulnerable features.
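As an added example (not part of the original article or any vendor's code), this Python audit reads a router's UPnP port-mapping table and flags every mapping that exposes telnet port 23. The sample listing is constructed and assumed to follow the layout printed by miniupnpc's `upnpc -l`; port 2323 and the `approved` set are assumptions of the example.

```python
import re

# Constructed sample, laid out like the table printed by miniupnpc's `upnpc -l`
# (layout is an assumption; adjust ROW if your router or tool prints it differently).
SAMPLE_LISTING = """\
 i protocol exPort->inAddr:inPort description remoteHost leaseTime
 0 TCP    23->192.168.1.108:23   'recorder' '' 0
 1 TCP  8080->192.168.1.108:80   'recorder web' '' 0
 2 UDP 51413->192.168.1.20:51413 'desktop app' '' 3600
 3 TCP  2323->192.168.1.55:23    '' '' 0
"""

ROW = re.compile(r"^\s*\d+\s+(TCP|UDP)\s+(\d+)->([\d.]+):(\d+)\s+'([^']*)'")

# Port 23 is the telnet port the article names; 2323 is added here as a
# common alternate telnet port (assumption).
TELNET_PORTS = {23, 2323}


def parse_mappings(listing):
    """Yield (proto, external_port, internal_ip, internal_port) per mapping row."""
    for line in listing.splitlines():
        m = ROW.match(line)
        if m:  # the header row and blank lines do not match
            proto, ext, ip, internal, _desc = m.groups()
            yield proto, int(ext), ip, int(internal)


def audit(listing, approved=frozenset()):
    """Label each UPnP mapping CLOSE, OK or REVIEW.

    approved: (proto, external_port) pairs the owner forwarded on purpose.
    """
    findings = []
    for proto, ext, ip, internal in parse_mappings(listing):
        if proto == "TCP" and (ext in TELNET_PORTS or internal in TELNET_PORTS):
            verdict = "CLOSE"    # telnet reachable from the internet
        elif (proto, ext) in approved:
            verdict = "OK"
        else:
            verdict = "REVIEW"   # some device opened this on its own via UPnP
        findings.append((verdict, proto, ext, ip, internal))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_LISTING, approved={("TCP", 8080)}):
        print(*finding)
```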
A recurring theme when providing technical support to many of our customers is that they just completely blame the security recorder. This is unfortunate, and our infrastructure (meaning the WWW) was never designed to be secure. We have been playing cat and mouse since the early 80s, fixing and repairing these issues. One major issue is the lack of security with IoT devices ([internet of things] also referred to as “connected devices” and “smart devices”). Any device within your network has the ability to grant unauthorized access. The lack of encryption is crucial as well. Call me crazy for having layers upon layers of security and business class hardware for my firewalls and routers, but that’s what I require and desire to stay safe. We can’t just say …. meh! I’m not important. There is no such thing as not being important: if you have a bank account and web history, you can easily become a victim.
Another major issue is routers, as they serve as a firewall against malicious attacks. Netgear has major vulnerability issues. A well-documented hack happened after a bored coder tinkered with his Netgear in his basement. When it froze up he was, in his own words, too lazy to get out of his bed, go down to his cold basement and power cycle the frozen Netgear router. He decided to hack into it in order to reboot it. Well, he found a cgi_unauth page by querying for … The reply actually gave him the key, which he then used with the recovery field to gain access to his Netgear router. His internet had already been restored, but many nerds are curious coders by nature, so he continued to tinker with his old Netgear hardware and his friend’s hardware. This vulnerability was already out there, but he discovered it and shared with many that, with a simple POST request, he could actually get the text string in all of its glory.
This is extremely harmful, as many users (User Error) will reuse their passwords. Netgear routers, as well as other routers, have the remote management feature turned on, and only GOD knows what other routers have bad code on them. With Netgear, the unauth_page is exposed for the world to see and tinker with unless you remove it.
With that said, when a customer says he or she has been hacked, let’s not jump to conclusions. Gather any and all pertinent information before simply asking them to check for DMZ or UPnP. The majority of the time it will be something else, and we may be the only source of reliable information for the customer to regain a foothold in a secure network.
@ all Techs and Security Camera Installers: do not let a customer leave the defaults on. If you must change the password for them, there are plenty of password generators out there.
NOT TLDR…. READ!