Allows hackers to remotely access these devices used in homes
According to the CID, the security breach is usually carried out by hackers around the world using the default login credentials, which are freely available online for thousands of devices. (File)
The Criminal Investigation Department (CID) at Abu Dhabi Police recently uncovered a security loophole in the CCTV Surveillance system, which allows hackers to remotely access these devices used in homes, schools and business environments via the default vendor username and password if they haven’t been changed by the customer once installed and operated.
According to the CID, the security breach is usually carried out by hackers around the world using the default login credentials, which are freely available online for thousands of devices.
CCTV manufacturers allow internet search engines to index their websites and products, which reveal the location of the devices still using the default codes set up by the manufacturers, listed in a directory.
Obtaining unauthorised access to these systems allows hackers to violate the privacy of users’ personal life and remotely connect their cameras without their knowledge, streaming live footage of victims at home or at work to viewers on the internet and social networking sites all over the world, wither for blackmailing purposes or achieving criminal objectives.
Colonel Ibrahim Sultan Al Zaabi, Deputy Head of the Criminal Investigation Department (CID) at Abu Dhabi Police, confirmed that the CID managed to take early notice of this security loophole through the forensic evidence e-laboratory.
He indicated that dealing with devices that may be hacked includes conducting the necessary inspection in order to identify people who have accessed these devices, as well as the time and duration of their attempts.
Moreover, he called on community members to change their usernames and passwords regularly and replace them with new ones, more complex and unrelated. He also urged CCTV manufacturers to automatically acquaint customers with the proper measures to create new usernames and passwords to be made available only to users.
These procedures would provide better protection for these devices against hackers and maintain the users’ privacy.
Colonel Al Zaabi also noted that the CCTV system is linked to users’ phones, hence the need to pay attention and change the username and password to avoid being hacked.
He warned citizens and residents against acquiring such devices from shops that sell them at cheap prices and not to have these devices installed by unskilled employees, who are unaware of the importance of changing the username and password.
In conclusion, Colonel Al Zaabi stressed the importance of exercising caution while dealing and using CCTV surveillance systems and to make sure to change username and password regularly, being the best protection against hacking.