The Risks of Peekaboo Hackings of Internet-Connected CCTV Cameras

It is beyond debate that your CCTV surveillance system is vulnerable to fraudulent hackers either through the internet of things IoT processes or through your entire operational network. A security breach hack named “Peekaboo” exists in China-based NUUDO Inc’s NVRMini2 which has over the period raised serious security concernsfor the contemporary CCTV surveillance worldwide. NUUDO Inc’s NVRMini2 is a network-connected storage device which permits the users to view and regulate 16 attached CCTV cameras at a time. The NUUDO uses the product and technology for their own purposes as well as for third-party surveillance at a large scale across the world.

The security vendor after discovering Peekaboo flaw said that it could potentially affect around 100 brands of CCTV and more than 2500 models of cameras installed in various organizations like retail and transportation industries, banking and government organizations. The NUUDO was informed about the vulnerability on 5th June 2018. The October 2016 Mirai malware attack has already demonstrated the devastating situation particularly on the Internet of Things connected devices and has established how adversaries take the opportunity of vulnerable CCTV systems, webcams and other internet-enabled devices.

Most experts say that the more IoT devices particularly the surveillance cameras get connected to corporate networks the more is the possibility of expansion of enterprise attacks. In order to resist the threats and protect the devices, the organizations need to understand their attack surface. The Peekaboo is an unauthenticated stack buffer over flaw which can be used to perform tampering with recordings or viewing remotely the camera feed without authorization. The Peekaboo enables access to the full system resulting in intercepting recording and feeds of the cameras by the attackers. The attackers can further replace live feeds with static images or tamper the stored images to hide malicious activities.

The Peekaboo attack is simple for the attackers to target various internet-enabled devices because of the easy availability of the vulnerable code path. However, it may be hard for the attackers to exploit the flaw where the devices are protected with appropriate firewall. The attacker would need to break into the internal network to access the vulnerable devices.

Exploiting or destroying the flow may not be easy for a cracker. Interestingly, NUUDO Inc’s NVRMini2 has mystery backdoor built into it. But it is only enabled provided a file with specific name existing in the system. In order to create such file, the attacker has to access the device physically or exploit through some other means.