Researchers from the cyber security company Kaspersky Lab have said that they have found many serious security flaws inside popular smart cameras manufactured by Hanwha Techwin.
Vladimir Dashchenko, head of Kaspersky Lab's vulnerability research team, said there were 13 vulnerabilities with the cameras of Hanwha's PNW SmartCam, which the company released when it was still owned by Samsung, as well as with how these cameras are connected.
According to Dashchenko, the vulnerabilities lay in the cloud service of the cameras which is used by clients to monitor data on their other electronic devices, such as phones and tablets.hacker can then proceed to use the camera in attacks on other devices, Dashchenko explained during the Kaspersky Security Analyst Summit.
In particular, a hacker can remotely download and execute any malicious code, steal personal user data, remotely disable the camera and so on.
Once the Kaspersky team broke through the network, it saw nearly 2,000 cameras connected online. There, Dashchenko was able to access every connected camera, as well as tamper with their footage. He could change what a person was seeing, both in real time and on what was stored.
"If it's blocked on the cloud, it's just a very pricey toy on your table. It doesn't work," the head of the team said.
Following the discovery made by Kaspersky Lab, Hanwha’s spokesperson said that their team’s researchers were working around the clock to deliver solutions to the vulnerabilities and provide a prompt update.