{"id":80627,"date":"2016-07-09T20:55:08","date_gmt":"2016-07-10T00:55:08","guid":{"rendered":"http:\/\/rbachnet.wwwmi3-ss40.a2hosted.com\/index.php\/"},"modified":"2022-08-10T12:16:44","modified_gmt":"2022-08-10T16:16:44","slug":"security-cam-concerns-in-ann-arbor","status":"publish","type":"post","link":"https:\/\/rbach.net\/index.php\/security-cam-concerns-in-ann-arbor\/","title":{"rendered":"Security Cam Concerns in Ann Arbor"},"content":{"rendered":"

\"SecurityNext time you are in Ann Arbor<\/strong> to get a bite to eat at Zingerman’s<\/a>\u00a0or attend a U of M<\/a> football<\/a> game at Michigan stadium<\/a> someone may be watching you. NetworkWorld<\/a>,<\/em> says<\/a> Ann Arbor<\/a> is one of the top U.S. cities with the most unsecured security cameras.<\/strong> In fact, Ann Arbor ranks seventh nationally.<\/p>\n

The report’s<\/a> author, security firm Protection 1<\/a><\/strong>, analyzed the data from Insecam<\/a>. Inseacam identifies open security cameras and Protection 1 estimates there are over 11,000 open security cameras on the Internet in the U.S. Protection 1 identified the cities with the most cameras that can be viewed by anyone online<\/strong>. The top 10 cities with unsecured security cameras are:<\/p>\n

    \n
  1. \"open<\/a>Walnut Creek, CA<\/a> \u2013 89.69 \/ 100,000 residents<\/li>\n
  2. Richardson, TX <\/a>\u2013 72.74 \/ 100,000 residents<\/li>\n
  3. Torrance, CA<\/a> \u2013 72.55 \/ 100,000 residents<\/li>\n
  4. Newark, NJ<\/a> \u2013 38.07 \/ 100,000 residents<\/li>\n
  5. Rancho Cucamonga, CA<\/a> \u2013 36.76 \/ 100,000 residents<\/li>\n
  6. Corvallis, OR<\/a> \u2013 37.98 \/ 100,000 residents<\/li>\n
  7. Ann Arbor, MI<\/a> \u2013 34.18 \/ 100,000 residents<\/li>\n
  8. Orlando, FL<\/a> \u2013 34.05 \/ 100,000 residents<\/li>\n
  9. Eau Claire, WI<\/a> \u2013 22.21 \/ 100,000 residents<\/li>\n
  10. Albany, NY<\/a> \u2013 20.32 \/ 100,000 residents<\/li>\n<\/ol>\n

    \"using<\/a>Open security cameras connect to the Internet via Wi-Fi<\/strong> or a cable. They have no password protection<\/strong> or are using the\u00a0manufacturer’s default password<\/strong>. Malicious people and governments can record or broadcast<\/strong> our lives from\u00a0unprotected open security cameras. Open cameras are also vulnerable attacks that can turn them into bots.<\/p>\n

    From a privacy perspective, the most worrisome finding is that 15% of the open cameras are in Americans\u2019 homes. Anyone can watch these cameras if the default password is not changed to a unique password to lock down the camera.<\/p>\n

    Besides being spied on from the web, open cameras can be exploited by criminals.<\/strong> Cyber-criminals can force online cameras to attack other things on the Internet as part of a DDoS attack<\/strong>.<\/p>\n

    \"distributed<\/a>A DDoS attack<\/a> against a jewelry shop website led to the discovery of a CCTV-based\u00a0botnet<\/a>. A distributed denial-of-service<\/strong> (DDoS<\/a>) attack is one in which a multitude of compromised systems attack a single target, thereby causing a denial of service<\/a> for users of the targeted system. TargetTech<\/a><\/em> says the flood of incoming messages to the target system essentially forces it to shut down, thereby denying service to the system to legitimate users.<\/p>\n

    Help Net Security<\/a><\/em> reports<\/a> that Sucuri<\/a><\/strong> researchers discovered the jewelry site was being attacked by a CCTV botnet<\/strong> made up of 25,000+ cameras from around the globe. The website was first attacked by a layer 7 attack (HTTP Flood<\/strong><\/a>) <\/span>at 35,000 HTTP requests<\/a> per second and then, when those efforts were thwarted, with 50,000 HTTP requests per second.<\/p>\n

    Sucuri researchers discovered that all the attacking IP addresses had a similar default page with the \u2018DVR Components\u2019 title. After digging some more, they found that all these devices are BusyBox<\/a> based. Busybox<\/a> is a GNU-based software that aims to be the smallest and simplest correct implementation of the standard Linux command-line tools.<\/p>\n

    \"CCTVThe compromised CCTV cameras were located around the globe:<\/p>\n