Digital video recording (DVR) devices used for security purposes might actually be an open door — virtually — for hackers, according to the findings of a security blogger.
The writer going by the name “someLuser” on the blog Console Cowboy showed how security DVRs from at least 18 brands, specifically those using the Ray Sharp DVR platform, were vulnerable to hackers. The security firm Rapid7 did a little digging after someLuser’s blog post came out and found that this could leave about 58,000 systems in more than 150 countries exploitable.
Forbes explains in layman’s terms how the vulnerability with the system works:
He found that commands sent to the device via a certain connection, port 9000, were accepted without any authentication. And worse, he was able to use that unprotected connection to retrieve the login credentials for the DVR’s web-based control panel. “Anyone who can connect to port 9000 on the device can send this request and retrieve that information,” said someLuser, who declined to reveal his real name when I reached him by instant message.
To compound the problem, the DVRs automatically make themselves visible to external connections using a protocol known as Universal Plug And Play (UPNP), which maps the devices’ location to any local router that has UPNP enabled–a common default setting. That feature, designed to allow users to remotely access their video files via remote PC or phone, effectively cuts a hole in any firewall that would expose the device to attackers, too.
Basically, the flaws would allow hackers into security systems remotely where they could access or delete footage.
The brands open to such a potential exploit are: Swann, Lorex, URMET, KGuard, Defender, DEAPA/DSP Cop, SVAT, Zmodo, BCS, Bolide, EyeForce, Atlantis, Protectron, Greatek, Soyo, Hi-View, Cosmos and J2000.
Although at least one manufacturer, Zmodo, told Forbes they have a firmware update for sale to correct the vulnerability, there is not really a simple fix for the problem.
A temporary work-around someLuser presents is to disable Universal Plug and Play (UPNP) on routers, which prevents outside devices from using the Internet to access the system remotely.
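One way to check whether a router's UPNP table has already opened the DVR's port 9000 to the Internet, before and after applying the work-around above. This is an added example, not code from someLuser, Rapid7 or Forbes; the sample text is constructed, its layout (modeled on the mapping list printed by miniupnpc's `upnpc -l`) is an assumption, and the addresses and the `audit` helper are hypothetical.

```python
import re

# Constructed sample, laid out like the port-mapping list printed by
# miniupnpc's `upnpc -l` (layout assumed; adjust the regex to your tool).
SAMPLE_MAPPINGS = """\
 i protocol exPort->inAddr:inPort description remoteHost leaseTime
 0 TCP  9000->192.168.1.50:9000  'DVR media' '' 0
 1 TCP    80->192.168.1.50:80    'DVR web' '' 0
 2 UDP 51413->192.168.1.23:51413 'torrent client' '' 3600
 3 TCP 18004->192.168.1.60:9000  'camera recorder' '' 0
"""

MAPPING_RE = re.compile(
    r"^\s*(?P<idx>\d+)\s+(?P<proto>TCP|UDP)\s+(?P<ext>\d+)->"
    r"(?P<host>\d{1,3}(?:\.\d{1,3}){3}):(?P<int>\d+)\s+'(?P<desc>[^']*)'"
)

DVR_COMMAND_PORT = 9000  # the unauthenticated port named in the article


def parse_mappings(text):
    """Return one dict per mapping line; header and junk lines are skipped."""
    rows = []
    for line in text.splitlines():
        m = MAPPING_RE.match(line)
        if m:
            row = m.groupdict()
            row["ext"], row["int"] = int(row["ext"]), int(row["int"])
            rows.append(row)
    return rows


def audit(text, dvr_hosts=()):
    """Flag mappings that expose port 9000, or any port on a known DVR."""
    findings = []
    for row in parse_mappings(text):
        if row["int"] == DVR_COMMAND_PORT:
            findings.append((row["ext"], row["host"], "forwards to port 9000"))
        elif row["host"] in dvr_hosts:
            findings.append((row["ext"], row["host"], "DVR reachable from WAN"))
    return findings


if __name__ == "__main__":
    for ext, host, why in audit(SAMPLE_MAPPINGS, dvr_hosts={"192.168.1.50"}):
        print(f"external port {ext} -> {host}: {why}")
```

Note that the fourth constructed mapping uses a different external port, so matching on the internal port catches exposures that a check for external port 9000 alone would miss.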
DVR security systems are not the only remotely accessed systems that we’ve seen vulnerable to hacking. In 2011, we reported how something as unassuming as a home or office printer connected to the Internet could be hacked, even tampered with to the point where it could start a fire.
Last week, tech websites were reporting some computer webcams were insecure and letting peeping Toms see through them. The issue associated with TRENDnet webcams was first reported in early 2012 and a fix was provided. But as the interactive map TRENDnetExposed received attention (the map has since been deactivated), it was clear some users of the webcams had not yet taken the necessary measures to secure their devices.