Jump to content
Voipmodo

A lesson on making sure your CCTV networks are secure

Recommended Posts

A Casino in Australia had a customer win $33 Million after using the CCTV System to win in several games. In this case an employee gave them a login to see it. This is why its important to have a clearly defined access system, restricting MAC addresses of clients for secure installs like this. I wonder how many installs out there, where someone can plugin to a jack on the network or join the WIFI and directly access a camera. I know there are several Search engine hits and hacks where you can see thousands of live CCTV cameras people never secured.

 

http://gizmodo.com/5990732/high-roller-takes-casino-for-33-million-with-security-camera-hijack

Share this post


Link to post
Share on other sites

Camera network visible on the public network....... Priceless!!

Well, it wasn't exactly priceless for the casino...

Share this post


Link to post
Share on other sites

You [probably won't be] surprised how many hotels have their guestnet and corpnet combined. The first time I noticed it was in 2004. Grabbed the credit card database and confirmed that my CC was on there, then ran down to the lobby to pay with cash and asked that my CC be reversed and removed from the system. Night Audit said it was deleted, but I ended up going back to the database file and deleting my card entry altogether.

 

It sparked an investigation a few months later and we ended up discovering that same hotel chain had ~4,200 locations with this issue at the time. If I had to guess, I'd say about a thousand of them are still operating under this flaw.

Share this post


Link to post
Share on other sites

MAC address filtering isn't foolproof either, as there are several free programs for changing your MAC to match that of an authorized system. Look up MAC cloning, it's not hard.

Share this post


Link to post
Share on other sites

If it wasn't an inside job, adn the employee didn't give his friend a login, would the guy have been able to view the cameras even

though they were on a public network?

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×