IoT Risks: Turning a Security Camera Against Its Owner

February 16, 2016 | 11:47
You buy an outdoor cloud security camera to keep your home or business safe. A monthly fee buys you a service to access the video feed remotely from a mobile device. Neat, right?

Not really.

Not if the camera has multiple exploitable vulnerabilities that let an attacker hijack the video feed, disable the device remotely, and steal the password of your WiFi network.

This is a real scenario, and it exemplifies the poor state of IT security in the Internet of Things.

Alex Farrant and Neil Biggs, both employed at the cybersecurity consultancy firm Context Information Security, hacked a Motorola Focus 73 outdoor security camera. Through a series of steps they gained full control over the device. They've provided a detailed write-up of the Focus 73 hack, describing the camera's vulnerabilities and how they can be exploited.

Hijacking the feed
Farrant and Biggs show how an attacker can turn the camera against its owner. For instance, a tech-savvy thief who decides to rob the home the camera is supposed to protect can appropriate the video feed to stake out the place.

The Focus 73 comes with an app that lets owners watch the camera feed remotely on their mobile device (provided they pay for this service). To enable this feature the video feed is streamed to the servers of Hubble Connected, a global IoT service provider.

Farrant and Biggs write:

Once we had established control of the camera we overwrote the DNS configuration file defined at /etc/resolv.conf so lookups for the cloud image storage,, would resolve to our web server allowing us to receive an Orwellian feed of movement alert JPEGs but also FLV video clips normally only available to paying customers of the Hubble service. The media is sent unencrypted using HTTP POST to either /v1/uploads/snap.json or /v1/uploads/clip.json so we knocked up a PHP script to handle the uploads and store them to peruse at our leisure…
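A defender's view of the traffic described in the quote, as an added example that is not from the original write-up or this article: it scans constructed network sensor records for camera uploads to the two paths that either travel in cleartext or land on an address outside an allowlist, which is what a tampered resolver produces even when the hostname looks normal. The record format, the camera address 192.168.1.50, the placeholder hostname upload.example.invalid and the allowlisted range 203.0.113.0/24 are assumptions made for illustration.

```python
import ipaddress

# Upload paths named in the write-up quoted above.
UPLOAD_PATHS = {"/v1/uploads/snap.json", "/v1/uploads/clip.json"}

# Constructed sensor records (assumed format):
# time src dst dport scheme method host path
SAMPLE_LOG = """\
2016-02-16T09:00:01Z 192.168.1.50 203.0.113.10 443 https POST upload.example.invalid /v1/uploads/snap.json
2016-02-16T09:05:12Z 192.168.1.50 203.0.113.10 80 http POST upload.example.invalid /v1/uploads/snap.json
2016-02-16T09:07:40Z 192.168.1.50 198.51.100.77 80 http POST upload.example.invalid /v1/uploads/clip.json
2016-02-16T09:08:02Z 192.168.1.23 198.51.100.77 80 http GET www.example.invalid /index.html
not a valid record
"""

def find_suspect_uploads(log_text, camera_ips, allowed_nets):
    """Return (timestamp, dst, reasons) for camera media uploads that are
    sent in cleartext or go to an address outside the allowlist."""
    cameras = {ipaddress.ip_address(ip) for ip in camera_ips}
    nets = [ipaddress.ip_network(n) for n in allowed_nets]
    findings = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 8:
            continue  # skip malformed records instead of crashing
        ts, src, dst, _dport, scheme, method, _host, path = fields
        try:
            src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
        except ValueError:
            continue  # unparsable address, not a usable record
        if src_ip not in cameras or method != "POST":
            continue
        if path.split("?")[0] not in UPLOAD_PATHS:
            continue
        reasons = []
        if scheme != "https":
            reasons.append("cleartext-upload")
        if not any(dst_ip in net for net in nets):
            # Hostname looks normal, but it resolved to an unexpected address.
            reasons.append("destination-not-allowlisted")
        if reasons:
            findings.append((ts, dst, reasons))
    return findings

if __name__ == "__main__":
    for finding in find_suspect_uploads(SAMPLE_LOG, ["192.168.1.50"], ["203.0.113.0/24"]):
        print(finding)
```

The second finding is the redirect case: the hostname in the record is unchanged, so only the destination address gives it away.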

Failing IoT security
The camera's crappy security is, unfortunately, not an exception but part of a larger trend. Farrant and Biggs write that the camera “like many devices of its generation [...] presents new security threats to your network.” The lack of attention to the security of the emergent Internet of Things (IoT) poses a new threat to the overall health of the internet, the chief of the US National Security Agency's hacker squad warned recently.

In line with its responsible disclosure policy, Context Information Security contacted Motorola in October 2015 before publishing the findings online in February 2016. Motorola and its partners made firmware updates available in November 2015 and are currently disseminating patches in an automated update process.