Security Risks in the Supply Chain There have been a lot of frightening things in the world of IT and telecom during the past few years. Something that stick outs even in this threatening landscape happened a few years ago when particularly creepy malcontents hacked into video baby monitors. That particular sign of the apocalypse […]
Security Risks in the Supply Chain
There have been a lot of frightening things in the world of IT and telecom during the past few years. Something that stick outs even in this threatening landscape happened a few years ago when particularly creepy malcontents hacked into video baby monitors.
That particular sign of the apocalypse comes to mind when reading about the hacking of thousands of closed circuit cameras. More than 25,000 hacked CCTV cameras and digital video recorders were enlisted to launch distributed denial-of- service (DDoS) attacks, according to Network World.
Security firm Sucuri observed one of the attacks, which was waged against a small, and no doubt unsuspecting, brick-and-mortar jewelry store. The beleaguered shop was flooded with 50,000 HTTP requests at the application layer. It is almost certain that a small shop’s IT infrastructure wasn’t up to the challenge.
It is not an isolated problem. And, as usual, people’s inertia is a big part of the problem. In April, Quartz reported about 6,000 unsecured video streams. The streams are unsecured because people don’t set a password or use the default out of the box.
The city with the most unsecured feeds was San Jose, with 162. The rest of the top five were Los Angeles (159), New York City (126), Boston (123) and, for some reason, Torrance, California (107). Overall, about one-quarter of the unsecured cameras were in businesses.
Not all the problems are the fault of lazy users. In March, SecurityWeek ran a piece describing, in great technical detail, a flaw in a surveillance camera. This particular problem was especially dangerous because it involved the white labeling market. In this sector, many identical or very similar devices from a single manufacturer carry the names of many companies.
In this case, the flaw, which targets the DVR element of the system, was manufactured for more than 70 vendors by TVT, a Chinese company. The remote code execution (RCE) vulnerability was included in firmware from an Israeli company that apparently was used by TVT.
The use of surveillance technology has been growing for years. The idea that a good percentage of it is inherently unsecure is unsettling. Combine that with people’s well-known lazy tendencies and technical ignorance and the situation becomes truly frightening.
Carl Weinschenk covers telecom for IT Business Edge. He writes about wireless technology, disaster recovery/business continuity, cellular services, the Internet of Things, machine-to-machine communications and other emerging technologies and platforms. He also covers net neutrality and related regulatory issues. Weinschenk has written about the phone companies, cable operators and related companies for decades and is senior editor of Broadband Technology Report. He can be reached at cweinsch@optonline.net and via twitter at @DailyMusicBrk.
Save
Carl Weinschenk Carl Weinschenk Carl Weinschenk is a long-time IT and telecom journalist. His coverage areas include the IoT, artificial intelligence, artificial intelligence, drones, 3D printing LTE and 5G, SDN, NFV, net neutrality, municipal broadband, unified communications and business continuity/disaster recovery. Weinschenk has written about wireless and phone companies, cable operators and their vendor ecosystems. He also has written about alternative energy and runs a website, The Daily Music Break, as a hobby.
The go-to resource for IT professionals from all corners of the tech world looking for cutting edge technology solutions that solve their unique business challenges. We aim to help these professionals grow their knowledge base and authority in their field with the top news and trends in the technology space.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.
