A site linked to 73000 unsecured IP cameras in 256 countries has hit all of you. And stories about IP camera security vulnerabilities have been coming into light. The core purpose of this post is to draw your attention to the IP camera security issues. Check it and then take proactive measures to prevent your camera from being hacked or watched by some bad guys.
Table of Contents:
- Reasons the Unsecured IP Cameras Get Hacked
- How Does the Insecure Camera Get Hacked
- How to Choose Secured IP Camera Manufacturers
- Unsecured Security Cameras by Countries, Cities
- Unsecured IP Cameras by Places & Uses
- Unsecured CCTV Camera List (Default Usernames & Passwords)
- Top 4 Tips to Secure Your IP Cameras
The important information of this article is as follows:
Unsecured Places | Outdoor/parks/home/parking lots |
Recommended Camera | Reolink security cameras |
Encryption | SSL/WPA2/AES |
4 Security Tips | Buy cameras with encryption, etc. |
Reasons Your Unsecured IP Cameras Got Hacked
Why would people take the time and effort to hack those unsecured IP cameras?
Some hack for fun. Hackers try to crack the unsecured security cameras in people's homes as a challenge — they do it just to prove that they can. There was a user once experienced a strange hack that all of his unsecured IP cameras got renamed "UPDATE" and "FIRMWARE". It seems as if the hackers were just announcing their success, that's all.
And some are after the private information through unsecured IP cameras. Some others may just enjoy the tedious yet exciting moments of preying on the innocent and the unknowing. They are fond of watching unsecured cameras lives like catching criminals in the act or finding hilarious anomalies.
How Does the Security Camera Get Hacked
Hacking an unsecured IP camera is alarmingly easy. You can view unsecured cameras with simple clicks.
Luckily, the hacking mostly happens to those unsecured IP cameras with default passwords. Generally, the online site just pings every device on the net and try if one of common default passwords works.
That's the way most websites get the hacked cameras' live. So remember to change the default username and password, and don't use the one that is too simple and easy to crack, like your birthday.
Bonus: Click here to find effective ways to tell whether your IP camera has been hacked.
How to Choose Secured IP Camera Manufacturers
Unsecured IP cameras are accessible to everyone, making them pretty vulnerable to prying eyes.
The unsecured IP camera manufacturers have little incentive to spend time and money making their products safer. Experts, in a CNN news report, "blamed poor practice by low-end manufacturers making devices like internet-accessible baby monitors, cameras and thermostats".
But there are also manufacturers, like Reolink, devoted to taking advantages of the cutting-edge technology and strict manufacturing and testing process. Reolink security IP cameras feature advanced encryption, like the SSL encryption, WPA2, and AES encryption, making sure the live surveillance streams unable to be accessed by hackers.
WAIT! Check out these Special Deals before you leave:
Right now, you can get EXCLUSIVE & BIG discounts on a wide range of Reolink security cameras & systems, wire-free & plugged-in, indoors & outdoors.
These Countries/Cities have the Most Unsecured Security Cameras
The Insecam contains 25 listed countries with the most unsecured IP cameras.
US leads the way, with the most open IP cameras, which are visible to all internet users all over the world. Other countries include South Korea, China, Mexico, France, Italy, UK and many more. The top 5 countries with the most unsecured cameras are:
- US: 5907
- Japan: 2429
- Italy: 1486
- France: 1213
- United Kingdom: 911
The number of unsecured IP cameras varies according to different cities. Taking US as an example, cities with a high population density tend to have more insecure open IP cameras. San Francisco, Boston, New York, Los Angeles, and Miami have more unsecured home cameras than other cities do.
Unsecured IP Cameras List: Where and How They are Used
While unsecured IP cameras in public places, such as parks, parking lots, restaurants, streets, supermarkets, are not going to really alert you, unsecured security cameras in people's homes let you worry about privacy issues.
According to Insecam, up to 15.4% of all the unsecured web cameras are from homes, following outdoor/parks (21.55%) and parking lots (21.18%).
List of Unsecured IP Cameras Due to Lack of Password Protection
A list of unsecured cameras includes those without a strong password to protect.
Sometimes you use a security camera without password protection, or forget to change the default username and password. IP cameras "protected" with the default username and password widely known to thieves are extremely vulnerable to be hacked.
Take a look at the unsecured IP camera list with default login username and password. Due to industry relations, I will not mention the brands of these security cameras. But the list is based on the passwords leaked out of the news, so you can refer to it and change your password as soon as possible.
Username | Default Password | Default IP |
root | Pass/EMPTY | 192.168.0.90 |
admin | admin | 192.168.1.1 |
root | Model # of camera | 192.168.100.1 |
admin | admin | 192.168.1.108 |
888888 | 888888 | 192.168.1.108 |
666666 | 666666 | 192.168.1.108 |
Admin | 1234 | 192.168.0.250 |
admin | 12345 | 192.0.0.64 |
administrator | 1234 | DHCP |
admin | 12345 | 192.168.0.253 |
admin1 | password | 192.168.0.253 |
root | 4321 | 192.168.1.200 |
root | admin | 192.168.1.200 |
admin | 4321 | 192.168.1.200 |
admin | 1111111 | 192.168.1.200 |
admin | admin | 192.168.0.2 |
admin | admin | 192.168.0.100 |
root | ikwb | 192.168.0.30 |
Top 4 Tips to Secure Your IP Cameras
So how could you avoid being a victim of the prying eyes?
Here we list top 4 effective ways so that you can stay away from the trouble of unsecured IP cameras.
#1. Buy a security camera with advanced encryption.
Many high quality cameras will provide multi-level security features to keep your footage from prying eyes. For example, the Reolink wireless security cameras and PoE IP cameras are secured with SSL encryption, WPA2-AES encryption, and SSL-TLS enabled to make sure that your recordings are indeed secure.
#2. Change the default username and password as soon as you setup your camera.
Input a username and password that is 6 characters or longer. It's highly advised to use a combination of lower-case and upper-case letters as well as numbers and special characters.
#3. Make sure your camera has the latest security firmware installed.
The latest security camera firmware will always provide protection to any new method of hacking into your cameras. And there is usually a page that you can find all the latest firmware for upgrade.
#4. Change the security camera default port.
Hackers often target default ports, which is usually within the 8100 range. You can manually change the security camera default port to a non-standard port. This will make it more difficult for hackers to find your camera.
If you have more ideas to address the IP camera hack issues or more insights into the unsecured IP cameras, you're very welcome to share with us by leaving a comment down below!
Amanda great article. Thanks for sharing these vulnerable IPs that people can use to check their home and office security. It's also unfortunate that sometimes manufacturers are very tight lipped about these security issues, choosing to not report it until they have found a fix. Do you think in this industry there should be more public disclosure?
We've also done an article on top security camera vulnerabilities, feel free to let us know what you think and also to amuse yourself at some unfortunate camera hackings
http://www.jay360.ca/ultimate-guide-to-surveillance-camera-vulnerabilities/
http://www.jay360.ca/who-is-watching-top-5-surveillance-camera-hacking/
Is there a site where they list the free young punani camera's? From age 12 till 16>
Pedo
Cunt
Pedo? If they have hairs on their snatch and small titties they are ready for it and it's nothing Pedo to give them what they need.
spycamhome.ru nice
hate to say it but i think thats your cam i connected to.
I am not accessible on rstp and not recognized sd card. I've try multiple sd card but option formatting on app isn't disponible, how do resolve this?i am not accessible on rstp and not recognized sd card. I've try multiple sd card but option formatting on app isn't disponible, how do resolve this?
Hello Tracy, do the RSTP and SD card work properly before? It is possible that the SD card that you are using is not compatible with your camera. Here is a troubleshooting article for your reference, https://support.reolink.com/hc/en-us/articles/360009712614-SD-Card-Not-Detected. If this won't help, it is best to contact the support team asap.
hate to say it but i think thats your cam i connected to https://www.ludoallstar.com/post/why-ludo-all-star-is-a-top-online-ludo-game-available
HI. I am awaiting delivery on reolink c1 pro and plan to buy the reolink E1 too. My question is regarding security. In watching youtube videos it didn't seem to ask for a username but it asked for a camera name. I was just planning on naming them Livingroom and Kitchen to identify which camera they were. Where do I put username and can I use same username and password for both cameras or do they need separate ones?
With the Pro series you will need to put in the camera information first such s model and serial number. After set up you will then have the option to edit the identifying username and password to anything you wish them to be.
Hi Deb, after you log into the Reolink app successfully, we don't require you to enter the username again. You can learn how to add Reolink cameras to the app with this tutorial, https://support.reolink.com/hc/en-us/articles/360015776493-Initial-Setup-for-WiFi-camera-via-Reolink-APP.
Also, you can use the same username and password for both cameras and name them with the position where you plan to place them in. Please let me know if you have any questions.
I am your regular customer (at Aliexpress), I have been selling and installing your cameras for over a year. Like everything, the product is super. But, really lacking a simple DVR – WITHOUT PoE !!! For example: You need to connect internal cameras to the NVR – E1 (8 pieces). Why do I need a DVR with power?
The second option, for example, NVR for 16 channels. It is in the house. What do you think, to bring 16 cables into the house, is it convenient and beautiful? Believe me – no !!!! We need a separate switch PoE ((installed in the attic, an example), one cable goes to the house from it, the problem with the cables is solved.
Hi there, thank you for sharing your ideas with us. Please note that even a WiFi NVR without PoE ports requires a proper power supply to function as well. Or else, the NVR cannot process and record the video footage to the HDD. You may take a look at this guide on how to connect WiFi cameras to PoE NVR, https://support.reolink.com/hc/en-us/articles/360004346714-Make-Reolink-WiFi-Cameras-Work-with-Reolink-PoE-NVRs.
In terms of the PoE switch, we don't have any plan to release a PoE switch or injector designed for our cameras and systems as of now. We would recommend our customers to use PoE switches or injectors that comply with IEEE 802.3at standard. Hope this helps.
So assuming you had a 802.3at 8-port PoE switch in your attic that the wired PoE cameras were connected to, you then just bring down a Cat 5E or 6 cable and plug into one of the PoE ports on the back of the NVR, and then configure normally as if you had 4 or 8 cables in the back? No extra configuration work? I haven't bought a system yet, but like the poster above, I'd rather drop one cable rather than 4 or 8.
Just doing my research first and really liking your offerings.
Hi there, of course, you can connect the PoE cameras to an 802.3 at PoE switch first and bring down a Cat 5e or 6 cable and plug into one of the PoE ports on the back of the NVR without extra configuration. Also note that the maximum number of PoE IP cameras that you can connect to one PoE switch is 3. Or else, it may lead to a delayed or frozen video stream. Click here to learn more, https://support.reolink.com/hc/en-us/articles/360012389133-Can-I-Add-a-PoE-Switch-Between-the-Reolink-PoE-Cameras-and-Reolink-PoE-NVR-. Hope this helps.
How do Reo-link cameras ensure end-to-end encryption?
The claim of WPA2-AES being a security feature is silly. Every wifi device supports this.
SSL is obsolete.
If you use SSL-TSL, how can vustem certificates be set? If these all use pre-set certificates, it means reolink can decrypt and see all the video footage going through their servers!
Hi Matt, we apply the three security features that you mentioned to secure our security cameras. You may click here to learn more, https://www.prnewswire.com/news-releases/reolink-secures-ip-cameras-by-enabling-multi-level-security-features-300368634.html. Note that custom certificate settings are not available now.
Video data transmission through the Internet are encrypted as well while Reolink doesn't have the keys to decrypt and see the video footage going through the servers. Also note that all the video footage on Reolink Cloud is stored on Amazon AWS S3 servers and only the users have access to the video footage uploaded by their own security cameras. Hope this would clarify.
How can u get your danle cloud footage if u paid for cloud playbaclk
Hello Matt, you can still download the footage uploaded to the cloud. This would apply for Reolink products and its cloud services but we are not sure if it applies to other cameras or not. If you are using products or cloud services from any other brands, it is best to consult them for more detailed info. Hope this helps.
MOBOTIX cameras can only be broken into if you do not change the default user name and password (admin – meinsm). There has never been a hacked MOBOTIX camera. Do an internet search on that, you won't find anything. They are THE most secure camera on the market. How do I know this? I work for them. We have partner conferences and invite hackers to break in to any of our devices, in my 7 years and since the company started in 1999, there has not been a breach. I've never had a call stating someones camera has been broken into. Prove me wrong.
Hi Amanda.
What about the critical Hikvision flaw that could be used be remotely exploited to hijack cameras, DVRs and accounts that was exposed a few years back. I know a firmware patch was quickly released to secure the breach.
With the IoT expanding at a rapid rate, these hacks will become more common place as points of infiltration become more expansive.
Is Reolink going to update firmware on existing camera's to also add WPA3 support?
Never let your cameras out on the internet, it's not safe for them out there. 🙂
Instead connect directly to a computer/NVR, preferably on an air gapped network . If you need to connect remotely do it through your well patched, update and secure computer/NVR.
My system has several network cards with one dedicated only to Internet connection and nothing else. All other NICs are stand alone private IP camera networks.
No Internet connection is the best connection.