In addition to the reason of users’ limited awareness of information security, the use of poor quality cameras, and the existence of security holes are also the reasons why many people are exposed, leaked, or even sold their own images. private.
Information and data from personal cameras become targets of hackers
Recently, on social networks, there has been a situation of buying and selling clips from camera accounts stolen by bad objects. Depending on the quality of the content, the associations that sell the 18+ clip will collect a fee from 100,000 to 250,000 VND per joining. Not only providing depraved content, some groups also share hacked camera access accounts for a package fee of about 3-4 million VND. 
The fact that cameras are installed everywhere, the number of cameras is constantly increasing, making data from the camera a source of information targeted by many objects. (Artwork: Internet) According to experts of the National Cyber Security Monitoring Center (NCSC), the Information Security Department, the Ministry of Information and Communications, the sale of account information on social networks is not a new behavior, but it has exported. appeared long ago. However, in the past, normally subjects only sold bank accounts, social networks or accounts containing information such as email, phone number, identity card number … Nowadays, when cameras are installed everywhere, the number is constantly increasing, being a source of information targeted by many audiences, the camera account also becomes “hot goods” on the account trading pages. “This form of purchase is becoming more popular because the number of cameras is increasing. Victims who lost their camera account can be monitored by others through their own camera, ”said the NCSC representative. Many users accidentally revealed the camera system login information According to experts, there are many reasons for the widespread purchase and sale of clips and camera accounts on the network, in part due to regulations and sanctions against acts of buying, selling and distributing personal data. not enough deterrent. Commenting on the reason that the personal camera system is vulnerable to hacker attacks, both subjectively and objectively, NCSC’s representative said: “Subjective is because users accidentally reveal account login information. camera. And objectively, because users use poor quality camera equipment, do not ensure enough information security, leading to the device can be hacked by hackers, thereby getting the login account “. Having the same opinion with the representative of NCSC, a security expert for IoT devices at Viettel Cyber Security, Ha Toan, emphasized: A fundamental reason that makes personal and household cameras easy. Hacker attacks are due to the user’s limited knowledge of using IoT devices or cameras. For example, do not change the default password of the device when it is put into use. According to Toan, another reason is that the camera device of the manufacturer does not have a protection mechanism such as verifying the integrity of the firmware running on the camera device, allowing hackers to buy camera equipment and insert backdoors. (back door – PV) and then sold to the market. “During the work, we also discovered many backdoors allowing remote access in cameras originating in China”, Viettel Cyber Security expert added. Along with that, there are cameras that have vulnerabilities in firmware due to programming errors such as buffer overflow, hardcode login information, logic errors … allowing hackers to exploit to take control of the device. Camera account information can also be revealed because the installation staff deliberately fails to notify the password change during installation or notice the change but does not notice the change of the entire service as mentioned above also includes services RTSP, onVIF. Raise awareness of personal information protection, choose a reputable camera To overcome the widespread situation of buying and selling clips, camera accounts in particular as well as personal information and data, experts say that the Decree on personal data protection should be issued soon and come to life. This draft Decree has regulated heavy fines for violations of personal data protection regulations. “The more penalties for handling violations related to the purchase and sale of personal data will help increase deterrence and reduce the rate of violation”, expert of Vietnam Cyber Security Joint Stock Company (VSEC) Vuong Trong Nhan stated his point of view. But experts also emphasized the limitation in the sense of protecting personal data of users as well as the organization providing services related to user data. Making recommendations to users, VSEC experts advise them to first increase their sense of self-protection by not using the camera manufacturer’s default password, setting a strong password and setting a Private network system is only for indoor security equipment, instead of sharing the same Wi-Fi network. According to representatives of NCSC, individuals and businesses when using cameras need to have strict regulations and decentralization when allowing users to access their camera systems, need to change passwords regularly to avoid in case the login information is known by many people, the risk of leaking is also higher. Emphasizing on the safety factor of the device, experts say that choosing to buy cameras manufactured from major brands, products that have been assessed for information security as well as choose a reputable installation unit. is an effective solution to help users avoid the risk of information insecurity. On the other hand, is it time for camera manufacturers to pay more attention to whether their equipment meets information security requirements?
You must log in to post a comment.