Security cameras are a great tool for keeping your property or home safe. But they’re also a gateway for hackers to spy on you because these devices can be accessed through the internet. Lowlife hackers can take control of your private life and can misuse it to any extent.
There are disturbing stories of hackers remotely accessing security systems and spying on families through their security cameras. New technology can enhance your security system by allowing you remote access to your video feed or playbacking on the cloud. Of course these features are convenient, but they also represent a vulnerability that could allow a hacker to see your cameras from anywhere in the world.
Being alert and taking preventive measures is essential to avoid hacking of your security cameras. This guide shares the signs that can help determine if your CCTV system or security camera has been hacked. It also provides tips you can use to protect your security cameras against hacking.
Signs that your security camera has been hacked
Nowadays security camera systems can be hacked in several ways such as using default username and password, running obsolete and unsafe firmware, misconfigured and installed non professionally or even from lacking basic security features.
Usually, if a security camera is exposed to the internet, there’s a risk of being hacked. If the camera is simply on the local network (not connected to the network), it’s impossible to get hacked (since the camera is not even on the internet which means no one can see it).
There are a few telltale signs to watch out for if you have security cameras inside or outside your home, and knowing about these signs will help you take fast countermeasures. Below we’ve collected the most common signs that a hacker gained access to your security camera system.
1. Camera rotates abnormally
While most indoor security cameras are static (fixed), there are a few that offer a degree of rotation (such as baby or nanny cameras). In this case the camera is able to pan, tilt or zoom. Basically you’re able to control how the camera is positioned by using a phone app or via the computer.
If you happen to see any random movement, you should be cautious because it’s an obvious way to tell if your camera has been hacked. If you didn’t move the camera, then who did it? If your surveillance camera is rotating by itself pointing to a different direction, probably there’s a hacker remotely controlling your security camera.
2. Blinking camera LED light
Many security cameras use LED lights to indicate certain operations. For example, if the LED lights are blinking quickly, it means that someone is trying to connect to the camera. You may need to power cycle the camera and then see if the issue happens again.
LED lights are an important visual element to keep people aware. Always consult the camera’s manual to learn the meaning of LED lights, what does it mean if the lights go steady on and off, or if the LEDs blink randomly. If you’re not operating the camera but the lights blink fast, that means that probably a hacker is trying to login your camera.
3. The password of your account has changed
Double check the security settings of your camera. If you find them changed or the password is set to default or it doesn’t work, it means someone has gained control of your camera. The settings of the camera don’t get modified by itself.
When you unexpectedly realize the phone app doesn’t log in, it’s an indication that your security camera is being hacked. While you may receive an email address starting that your password has been changed, that’s not always the case. Certain manufacturers don’t send out any email when the password is modified.
4. Strange sounds or voices coming from the camera
Quite often, hackers deliberately want to make their presence known and they’ll speak through your camera using its speaker function. You’ll instantly know something’s amiss when you start hearing random strange sounds, or even voices that try to stir up conversation.
So, If you hear strange noises coming from your security camera, most likely your security camera has been hijacked and someone is spying on you through the security camera. Be cautious, even if it’s a small, minor sound.
5. Increased data usage or network traffic
Another way to find out if your security camera system is hacked is to check the data usage by your security system network. Accessing the livestream of a camera’s feed requires a large amount of data to be transmitted, which is a telltale sign that your security system is compromised.
Not only will some routers and gateways monitor data traffic, but some will even indicate the times during the day there are spikes. If your camera is transferring a huge amount of data during times when you know you’re not accessing it, it’s a clear indication the camera may have been hacked or fiddled with.
Certain cameras offer data usage diagrams on their settings, you can access the camera and see when the heavy traffic happened. Also, there are tools on routers that can monitor the traffic of your network. Take a look and see if something’s off.
6. Login history on your camera
Each IP security camera has a log history section on its settings tab where you can check what IP addresses or users have accessed the camera and at what time/date. This can shed some light who may be getting unauthorized access to your camera.
If you see any strange IP address listed there, copy it and paste it on google to find the location. You can find what country or even city the unknown IP address originated from. If it’s not familiar to you, then probably someone has hacked your security camera.
How to protect security camera systems from hacking
There are many things you should do to prevent your security cameras from being hacked. Below we’ve listed a few simple steps you can take to reduce the chances of your security camera getting hacked.
1. Keep the firmware of the camera update
Make sure your security camera’ firmware is updated to the latest firmware and you should always keep your security equipment up-to-date. Manufacturers are serious about protecting their cameras and will from time to time release firmware updates that fix software bugs and patch security vulnerabilities.
The newer and most advanced security camera will automatically download and install the firmware updates, while others require to be manually updated. In this case, you need to check the manufacturer’s website for the firmware or directly contact their support team.
2. Use your own password for the security camera system
It sounds unreal but many security owners use the default password that the security system comes with or they use the same password that the installer set up for them. This is a big no! You must create your own password for the admin account (any other account). Always create a unique password for each account that will access the security system. This way you can keep tracking of the users who are viewing the cameras.
There are software that crawl the internet for security camera systems and try a list of common passwords such as “12345”, “123456”, “admin”, “password”, etc. Make sure you use a strong password that would be difficult for someone to figure out.
To create a strong password: use something long and complex such as a random phrase or string of characters with number, symbols, uppercase and lowercase letters. We’d recommend using a password generator to get a complete random one. Make sure to store the password somewhere safe.
Don’t use personal names on your password, birth dates or even phone numbers. Hackers can retrieve this information from public social media profiles (Facebook, Instagram, etc) and could guess the password after a few tryouts.
3. Use two-factor authentication if your camera supports it
Set up two-factor authentication if your security camera offers it which will provide an extra layer of security. If you login to the camera, you’ll get a message or an email from the company to authenticate your account.
That way, if hackers get hold of your password, they still won’t be able to access your camera since they can’t verify the account via the two-factor authentication.
4. Limit the users who can access the security camera system
On the camera’s or security system’s settings you can give permission to use the system only for users who fulfill certain criteria. For example, you can set the Mac Address of the phone that can see the camera, or you can allow only certain IP addresses to login the security system.
It is advisable to limit the access of your CCTV footage on one or two devices, be it smartphone, laptop or personal desktop. Do not use public computers to view home security systems. This way you can minimize the chances to get hacked.
5. Build a subnet for your security cameras
It’s always recommended to put your IP security cameras on a separate network (on subnet). This way, all those cameras are inaccessible from the internet, all you need to worry is to keep the NVR safe and updated.
The picture below shows the diagram of a setup using a PoE NVR. As you can see the cameras go straight to the NVR and are not individually exposed on the internet. Or you can create the subnet via the router settings.
6. Purchase reliable security cameras
Don’t go for cheap cameras of cheap NVRs that no one has heard about. This type of equipment is mass made in China and lacks the basic security protections. You need to go for established brands that stand behind their product. Of course, you can save some money if you go for a cheaper and an unknown manufacturer but is it worth having someone spy through your own cameras?
A reliable and well-known manufacturer takes care of the firmware and the software of its security systems and will release updates to fix known bugs or vulnerabilities. Small manufacturers don’t care about their product after the sale is done. There are many vulnerable NVR or cameras on the market that can’t be patched up because the manufacturer hasn’t released any update for them.
Always research before purchasing a security system and go for brands that use advanced security features such as SSL/TLS encryption, WPA2-AES encryption, two-factor authentication, etc, which keeps the hackers away.
How security cameras get hacked
- The main way security cameras are vulnerable to remote hacks is through a technique called “credential stuffing.” Hackers use usernames and passwords from other data breaches to gain access to accounts. For example they can use large data breaches such as those at Equifax and try those passwords to security systems that they randomly ping on the internet.
- Another way is by randomly pinging IP addresses on the internet and once they find a security system they try an array of default passwords and accounts from various manufacturers or even the most common password. If the password wasn’t modified or it’s very common, they’ll easily get it and the fact is that many users don’t even bother to change the password.
- Hackers can find security vulnerabilities on firmware of the camera and then they will scan the internet until they find security systems running on those unsafe firmware. In this case they don’t even need to use any password to login. That’s why it’s very important to keep your security camera systems up-to-date.
- Hackers can locally hack the WiFi network and after that hack the cameras found on the network. They may simply try common default passwords to it, or spoof the wireless network until they get in. You have to make sure that your WiFi network is safe and that the WPA2-AES encryption is correctly adopted.