icon bookmark-bicon bookmarkicon cameraicon checkicon chevron downicon chevron lefticon chevron righticon chevron upicon closeicon v-compressicon downloadicon editicon v-expandicon fbicon fileicon filtericon flag ruicon full chevron downicon full chevron lefticon full chevron righticon full chevron upicon gpicon insicon mailicon moveicon-musicicon mutedicon nomutedicon okicon v-pauseicon v-playicon searchicon shareicon sign inicon sign upicon stepbackicon stepforicon swipe downicon tagicon tagsicon tgicon trashicon twicon vkicon yticon wticon fm

50 million cameras exposed to hackers due to massive security breach

50 million cameras exposed to hackers due to massive security breach
Internet users, beware: new security research has revealed that 40-50 million network-enabled device can be hacked and controlled remotely, with vulnerable products including cameras, printers and routers.

By hijacking personal devices like cameras, hackers can easily watch the every move of the device's owner and invade the privacy of millions of users. Internet routers that use a protocol called Universal Plug and Play (UPnP) allow network-connected devices such as computer and printers to make themselves easily discoverable, but new research by the security firm Rapid7 shows that this discoverability can be exploited by hackers.Many routers are set to use the UPnP by default, thereby subjecting all network-enabled devices using the router to the damage that hackers are able to inflict. As many as 50 million unique devices can be exploited and about 6,900 products are vulnerable to software bugs that have already been found in three different implementations of the protocol.Vendors including Cisco’s Linksys, Belkin, D-Link, and Netgear produce routers that make themselves and their connected devices susceptible to software bugs. At least 23 million types of connectible devices could be hijacked and permanently disabled, while others would face temporary incapacitation.Using the discoverability of the devices, hackers could invade the network itself, regardless of any sort of firewalls that might be in place, thereby endangering personal information. Hackers could use UPnP-enabled routers and their devices to access confidential files, steal passwords, take full control of computers and access webcams, printers and other security systems.“We never expected this much UPnP to be exposed on the Internet. The scope of the exposure just blew us away,” Rapid7’s chief security officer H.D. Moore told Forbes.“This is the most pervasive bug I’ve ever seen,” he told Reuters, referring to the software bugs that Rapid7 discovered in most of the vulnerable devices that were tested.Rapid7 recommends that Internet users check their routers for UPnP capabilities and disable the feature to protect their devices from being invaded by hackers. The new research also prompted CERT to issue a warning and Cisco to disseminate information about their susceptible products.“Linksys is aware of the industry-wide UPnP library security vulnerability announced by the US CERT on January 29th,” a spokesperson wrote on the company website. “We recommend Linksys customers visit our website to understand if their home router is affected, and learn how to disable UPnP through the user interface to avoid being impacted.”Unless Internet users take steps to ensure their network’s security, tens of millions could be at risk of having their information stolen, being watched through their own webcams, or having their devices destroyed.

Dear readers and commenters,

We have implemented a new engine for our comment section. We hope the transition goes smoothly for all of you. Unfortunately, the comments made before the change have been lost due to a technical problem. We are working on restoring them, and hoping to see you fill up the comment section with new ones. You should still be able to log in to comment using your social-media profiles, but if you signed up under an RT profile before, you are invited to create a new profile with the new commenting system.

Sorry for the inconvenience, and looking forward to your future comments,

RT Team.