Backdoor that was hidden intentionally by manufacturers in Chinese’s CCTVs that were exported to Korea were found. Cautions are demanded in CCTVs that were installed at many main facilities to block physical trespasses and industry spies can actually be ways where information can be leaked.
KAIST system security research center and NSHC (CEO Heo Young Il) found backdoors that were secretly hidden in 2 Chinese products. Research team sent this information to Ministry of Science, ICT, and Future Planning (MSIP) and Korea Internet & Security Agency (KISA). It is analyzed that backdoor, which is hidden with upgraded concealment technique using codes, was intentionally used. It is at a level where information industry information can be leaked or hostile countries or businesses can spy on information.
It is projected that controversy on Chinese’s IT equipments’ credibility will be continued as backdoor was found in CCTVs following detection of ‘Superfish’ program in Lenovo notebook that leaks personal information.
Backdoor was never mentioned in the product’s instruction manual. Only manufacturer can control CCTV’s all rights, and this can only be controlled by Cloud server that is installed in China. If manufacturer provides related function to government branch, that country can obtain CCTVs’ rights that are installed all over the world. It is same thing as one looking at foreign facility’s inside from afar.
CCTV that is recently released can control and confirm image from afar by IP cameras which are connected to the internet. Permitted user can always check video information whenever on the internet. Certain large manufacturers provide Cloud based control service and this can be used as an excuse to target and attack.
Weak point of two manufacturers’ IP cameras is that their codes can be executed by unauthorized users. By using this weak point, hackers can use and control CCTVs’ functions that are connected to Cloud system from afar. If CCTVs are connected to businesses’ networks, hackers can simply enter video information and even network, which can be ways where information business information can be leaked.
CCTVs’ administrative pages were also very loose after investigation. To log in into CCTVs’ administrative pages (to change settings and to monitor videos), IDs and passwords are saved as plain texts into a Cloud system. By easily obtaining administrator’s authority, hackers can change variety settings and video transfers by approaching CCTV through Cloud system.
“Concern that a backdoor is possibly hidden in certain equipments is high as US government recently said that it will reexamine all uses of IBM server. Businesses and governments should meticulously check which equipments are installed at important facilities. It is possible that hackers already recorded information from meetings and figure out important executives’ motives. Equipment’s Cloud IP needs to be blocked and access control should be strengthened.” KAIST system security research center and NSHC Red Alert research team said about what businesses and governments should do to protect from hackers’ cyber attacks.
Staff Reporter Kim, Insoon | insoon@etnews.com