Over 3m Hikvision cameras exposed worldwide

Companies and individuals are increasingly relying on internet-facing cameras for their security. Some of the most popular brands come without authentication, exposing their owners’ secrets.

Cybernews research team found 3.5 million IP cameras exposed to the internet, signifying an eightfold increase since April 2021.

Some cameras either come with default passwords or no authentication at all, putting their owners at risk. Threat actors can easily access unprotected camera feeds and even exploit them to hack into your network.

127,000 of all analyzed cameras recommend changing the default password but do not enforce it. Even more concerning is that over 20,000 cameras found had no authentication set up.

Most of them were manufactured by the HIPcam.

The lion’s share of all the exposed IP cameras - nearly 3.4 million - were manufactured by Hikvision. While the Chinese company has implemented a strong password policy on its devices, it faces an intense backlash from Western governments.

The UK parliament instructed government agencies to cease deploying Chinese equipment, including surveillance cameras, on sensitive sites, saying the technology is produced by companies subject to the National Intelligence Law of the People’s Republic of China.

In November, the US Federal Communications Commission banned authorizations for Chinese telecommunications and video surveillance equipment, saying that Huawei, ZTE, Hytera, Hikvision, and Dahua are “deemed to pose a threat to national security.”