Security within Security: Vivotek secure Cybersecurity

Taipei, Taiwan

Being a global well-known IP video surveillance solution provider, VIVOTEK pushes forth with industry best practices in order to reduce security vulnerabilities in our products.

  • Abstract

Cybersecurity for IoT devices has been a hot topic in the past few years, and IP surveillance cameras are the hackers’ top target because of the relatively high computing power and good internet traffic throughput. At the end of 2016, a Linux-based malware “Mirai” was used to initiate a DDoS attack which created a record-high 1.2Tbps Internet traffic. The huge traffic was triggered by remote commands and the victim devices were mainly IP surveillance cameras. Not only is Mirai source code made available on the Internet, multiple variants of Mirai-like malware are surfacing. Cybersecurity now becomes another focal point for IP surveillance devices and multiple governments are making regulations to raise the bar for cybersecurity implementation. It is becoming the next decisive factor in the competition of the IP surveillance industry.

  • Incentives to Hack IP Surveillance Cameras

Today, the major motivation of hacking is monetization. When it comes to monetization, IP surveillance cameras are great targets because of the following reasons:

  1. Constantly Connected: High exposure to the Internet making it easy for the hackers to find the device. Once hacked, the device will be constantly available to serve hackers’ needs.
  2. Low Hacking Investments: Unlike hacking a PC, once the hackers see a way to hack a device, the same approach can usually be applied to other devices of the similar models, making a very low per-device hacking cost.
  3. Lack of Supervision: Unlike office PCs, IP surveillance cameras are not well managed by cybersecurity knowledgeable staff. Installing an after-market anti-malware application is not available as well.
  4. High Performance: The idle computing power inside an IP surveillance camera is usually good enough to perform hackers’ specified tasks like cryptocurrency mining, even without being noticed by end users.
  5. High Internet Facing Bandwidth: The always-connect fast and huge bandwidth designed for video communication is the perfect target for hackers to initiate DDoS attacks.
  • Hacking/Infection Chain

The typical infection chain of IP surveillance cameras consists of the following steps:

  1. Discover Address: Locate the IP address of a potential victim device, mostly done by Internet crawlers. Web services such as “Shodan” can also offer a list of discovered devices.
  2. Gain Access: Use the default password, or the password dictionary to logon the device. Once getting the administrator privilege, hackers can further exploit the system for their malicious actions.
  3. Exploit Vulnerabilities: Look into the system vulnerabilities and take advantages of them. System vulnerabilities are inevitable especially in a quick moving IT world where open source codes are widely used.
  4. Inject Malware: Install the malware into the IP surveillance camera. The malware typically consists of an agent much handles the communication, and the main body which fulfill the main functions designed by the hackers.
  5. Command and Control: Control the victims remotely to enable a specific service function. For example, hackers can initiate a DDoS attack and command all infected devices to target a specific destination.
  • Conclusion

As the concern for cybersecurity is growing due to the damage caused by cyber attack in the past years, the IP surveillance industry started to pay attention to this topic since IP cameras and NVRs have become the perfect targets for hackers. VIVOTEK is the first IP surveillance manufacturer in the market to provide anti-intrusion software within network cameras and NVRs. Powered by the renowned cybersecurity solution company Trend Micro, VIVOTEK IP devices can now detect and block the brute force login attack or any abnormal activities inside. In addition, through the automatic update of virus pattern, the risk of new vulnerabilities can be significantly reduced in no time.

Product Suppliers
Back to top