Vulnerabilities in Foscam IP Cameras
Vulnerabilities in Foscam IP CamerasFoscam

The use of smart devices is only going to grow in the next few years owing to its efficiency and cost savings but it can turn out to be a bane to the society owing to high risk of such devices being compromised to notorious hackers. A study by Finland-based cyber security firm F-Secure has said that Internet of Things (IoT) like webcams is vulnerable to hackers, which is a cause of concern.

F-Secure has said in its report titled "Vulnerabilities in Foscam IP Cameras" that smart devices that are engineered without regard for security are vulnerable to hacking and that hackers can "infect it with malware that would not only fully compromise the device, but also grant free reign inside the network, including access to network systems and resources."

Also read: Dangers of buying used smart home gadgets; what should you do if previous owner can still access the device?

IP camera or Internet protocol camera is a digital video camera usually installed for surveillance. It can send and receive data via a computer network and the Internet unlike CCTV (closed circuit television) camera.

The Finland-based cyber security firm discovered multiple flaws in two models of Foscam-made IP cameras namely Opticam i5 and Foscam C2 that can lead to full device compromise. Hackers can manipulate a webcam like view the video feed, control the camera operation, upload and download files from the built-in FTP server, stop or freeze the video feed, and even resort to DDoS (distributed denial of service) if a device is compromised.

Webcam hackers
Bulgaria detains hacker responsible for hacking 3,500 websites following Charlie Hebdo attacks in Paris. (Representational picture)Reuters File

"An unauthenticated attacker can persistently compromise these cameras by employing a number of different methods leading to full loss of confidentiality, integrity and availability, depending on the actions of the attacker," said the report.

"If the device is in a corporate local area network, and the attacker gains access to the network, they can compromise the device and infect it with a persistent remote access malware. The malware would then allow the attacker unfettered access to the corporate network and the associated resources," it added.

The report went on to say that the responsibility for ensuring the security of hardware and software ultimately lies with the vendors of smart devices.