IoT Risks: Turning a Security Camera Against Its Owner
You buy an outdoor cloud security camera to keep your home or business safe. A monthly fee buys you a service to access the video feed remotely from a mobile device. Neat right? Not really. Not if the camera has multiple exploitable vulnerabilities that lets an attacker hijack the video feed and disable the device remotely.
You buy an outdoor cloud security camera to keep your home or business safe. A monthly fee buys you a service to access the video feed remotely from a mobile device. Neat right?
Not really.
Not if the camera has multiple exploitable vulnerabilities that lets an attacker hijack the video feed, disable the device remotely, and steal the password of your WiFi network.
This is a real scenario, exemplifying the poor state of IT security of the Internet of Things.
Alex Farrant and Neil Biggs, both employed at the cybersecurity consultancy firm Context Information Security, hacked a Motorola Focus 73 outdoor security camera. Through a series of steps they gained full control over the device. They've provided a detailed write-up of the Focus 73 hack, describing the camera's vulnerabilities and how they can be exploited.
Hijacking the feed
Farrant and Biggs show how an attacker can turn the camera against its owner. For instance, a tech-savvy thief who decides to rob the home...