Can strangers hack into your IP cameras?

Armor Security News

We get customers who want new HD IP cameras installed on their property all the time. In fact, video surveillance is the fastest growing feature in the security world today. Your device uses software to allow remote access to the footage it has been storing as well as the live feed it produces. A lot of attention has been focused on the security of IP cameras. In addition to IP cameras, your recorder, whether it be a Digital Video Recorder (DVR), Network Video Recorder (NVR) or Personal Computer Video Recorder PCDVR, runs on the same principle software for remote access. This means it's not only your cameras that are a hacker liability, but your recorder is susceptible to infiltration as well.

When Armor installs your new cameras and recorders there are multiple steps taken to ensure no one except the intended party can access them. We always recommend setting up a secure network with an industry notable firewall in addition to some other protection techniques. If you're a security company or a "do it your self-er," the most important procedure to protect your cameras and recorders from being hacked are firmware updates and default credential changes.

Simply because you "just purchased" your camera does not mean it has the latest firmware update; it's common that your cameras could have sat on the shelf for six months or even a year before you received it. You also have to factor production and (on the ocean in a container) shipment time. Most companies send their product out with the latest and greatest firmware while the engineers are upstairs finding more efficient ways to pack your data and increase resolution.

Once your new camera is in your hands, a new update has already been released, this is common. Go to the device manufacturer's website and download the new firmware for your model, which will most likely include a new way to store or send your footage in addition to function and security updates. Log into your device and upload the new file from your device interface.

The next step is to change the default access credentials. They are almost always some easy-to-remember password and user name configuration. This is meant to make setting up your new camera easy and fast, as you typically have to log in and out multiple times during initial set up.

Here is the real week-spot. "Do it your self-ers" almost always forget to make the necessary credential changes that otherwise allow strangers a window into their lives. I've heard a customer say, "I didn't think someone from the outside world would be able to see that I am running a ... brand IP camera?" The truth is, if you know how to find it on the web it's really easy to find an IP camera, recorder or even a cheap webcam (especially if it's not on a professionally configured network and firewall).

The simple change of the default user name and password provides a massive amount of protection from would be camera hackers. If you can access your surveillance system remotely using that default name and password, chances are others can as well.

Back to News Archives