Modern video surveillance sector, especially IoT, is at great risk of cybercrime cyber attacks. Ankit Anubhav discovered over 30,000 Dahua DVR devices linked to closed circuit systems (CCTV) compromised
The video surveillance sector is at great risk of attacks by cybercrime and state-sponsored hackers. Cyber attacks on CCTV systems are multiplying all over the world, especially on IoT devices, to extract owner credentials, modify the settings, ect… The latter led to the discovery by the cyber security researcher Ankit Anubhav (Newsky Security) of over 30,000 passwords associated with digital video recorders (Digital Video Recorders, DVRs) on a search engine. In particular, the Dahua Technology products, commonly used for the management of recordings connected to video surveillance systems, have been compromised. But it is not the only case. Recently, as reported by the Italian National CERT, evidence of exposure of vulnerable devices in specialized search engines has been detected. Vulnerabilities can allow malicious hackers to find authentication credentials to the devices themselves and to external services configured within them.
Also in Italy there is a high risk of DVR and CCTV compromised by cyber attacks. In thecountry there are about eight thousand Dahua devices. How many have the firmware updated?
Also in Italy there are numerous Dahua DVR devices exposed to the public, many of which are potentially linked to business network users. There are about eight thousand, concentrated mainly in the center and north of the country, but there are also in the South. And launching cyber attacks against them is very simple. Malicious hackers start a raw TCP connection on the IoT device using port 37777 to send a special payload. Once the DVR has received it, it will automatically send the credentials to the command and control server. In this way the attackers will have access to both the systems and the data stored within them. In addition, they will be able to modify the settings as they wish, even by disabling the devices. The best way to increase their cyber security is to check the presence and their possible access from the outside, planning the firmware updates as soon as possible.