This blog is by Gerald Reddig, Security Marketing Manager at Nokia Networks.
Wireless IP cameras can be hijacked via the mobile Internet
The Internet of Things (IoT) era is something like the golden age for hackers. Mobile operators and users alike need a completely new mindset to face the security challenges that come with zillions of IoT devices. In fact, researchers from our Nokia Security Center have recently warned that wireless IP cameras can easily be hijacked.
The problem is that a significant number of IP cameras can be accessed using the default “admin” username and password. Even with cameras that have been configured with a password, there are still multiple ways to either guess the password or simply break into the device.
A creepy new website has surfaced to exploit those users who have not yet changed the default passwords of their cameras. This site has apparently hacked 73,000 cameras from all over the world, including parking lots and other exterior locations, as well as people’s homes. While the site claims that its intention is only to make people aware of the importance of changing their default passwords, it seems an unsettling way to promote security awareness by showing hacked footage of unsuspecting people in their home environments.
And this is just the beginning. IP cameras often run on a pared-down version of Linux, which means hackers can easily add in their own customized malware or even replace the firmware entirely. As a result, hackers can misuse IP cameras by sending spam e-mails or http requests in order to increase click rates on particular web pages and thus improve their SEO ranking.
The Internet of Things will certainly bring greater awareness of the security status of mobile networks. This in turn will allow proactive mitigation of infected devices to reduce operational expenditure and maintain service quality.
Giuseppe Targia, Vice President of Security Business at Nokia Networks, recently stated during his speech in The Hague at the Global Conference on Cyber Space 2015:
“Mobile operators need a secure and resilient mobile network infrastructure ready to tackle the IoT challenges, as well as dedicated solutions to detect and prevent hacker attacks to and from IoT devices.”
Our Nokia Security Center in Berlin gives mobile operators the opportunity to see live demonstrations of hacker scenarios and solutions to better understand the need of network protection.
At Mobile World Congress 2015, Nokia Networks launched the 2nd generation of its network-based malware detection and mitigation solution Mobile Guard, which is optimized for the new and extremely complex embedded applications that drive the IoT. When an IoT device is hacked and its processor or Internet connection is used for fraud and other attacks, Mobile Guard recognizes these devices and takes mitigating actions.
While we rely on mobile operators to provide a secure mobile network, it’s still a good idea to be proactive and change your IP camera’s password whenever you install a home IP surveillance camera.
Nokia Webinar – “Security for Internet of Things” on June 11
To learn more, please join our webinar on 11 June 2015 with leading independent analyst Matt Hatton, Founder & CEO of Machina Research, who will explain the unique role of operators in an IoT world and demonstrate why security and privacy are fundamental to success.
Register below for one of two identical webinar sessions:
And check out our downloads:
Please share your thoughts on this topic by replying below – and join the Twitter discussion with @NokiaNetworks using #NetworksPerform #mobilebroadband #telcosecurity #IoT.