40,000 Security Cameras Exposed to Remote Hacking

More than 40,000 security cameras worldwide are exposed to the internet, cybersecurity firm Bitsight warns.

Operating over HTTP or RTSP (Real-Time Streaming Protocol), the cameras expose their live feed to anyone knowing their IP addresses, directly from the web browser, which makes them unintended tools for cyberattacks, espionage, extortion, and stalking, the company says.

The HTTP-based cameras rely on standard web technologies for video transmission and control, and are typically found in homes and small offices.

Some of them were found completely exposed to the web, allowing anyone to access their administrative interface and tap into their video feed, while others required authentication, albeit would return screenshots of their live footage if the correct URI and parameters were provided via an implemented API.

RTSP cameras, on the other hand, are optimized for low-latency, continuous video transmission, and are typically used in professional surveillance systems. They are more difficult to ...