Exposed IP cameras may disclose your physical address

IP cameras are affordable and ubiquitous. You can conveniently monitor your home from almost anywhere. However, hundreds of IP cameras are unmaintained and vulnerable to attackers. In the worst case, exposed IP cameras can be misused to locate your physical address.

In this article, we show how attackers may locate your camera’s physical location and provide tips on securing your device.

Note
Please note: All pictures in this article show publicly accessible streams, broadcast by unmaintained IP cameras. We removed sensitive details and don't show any people or private areas.

Quick recap

In another article, we describe the risks that come with unmaintained IP cameras.

Querying search engines like censys.io for IPv4 addresses tagged with “camera” in the Czech Republic revealed more than 2,000 devices in September 2021. Apart from these search engines, thousands of bots scan the internet every minute.

Attackers will likely find your IP camera on the internet if there are no protective measures in place, resulting in obvious risks:

  • Attackers may manipulate or disable your IP camera.
  • Attackers may misuse your vulnerable IP camera as an entry point to your home network, and attack other devices that aren’t connected to the internet.
  • Attackers may observe your daily routines and record you.
  • Attackers may conduct social engineering by misusing this information.

Attackers can try to pinpoint your home by using the live stream of your camera. We show two examples below.

Two examples of pinpointing cameras

It may be easy to physically locate cameras, given their live image and approximate location based on their IP address. Let’s have a look at two publicly accessible live streams showing public areas.

Example 1: Camera somewhere in Prague, Czech Republic

The following camera is located somewhere in Prague, Czech Republic, according to its IPv4 address. Prague is home to more than 1.3 million people and has an urban area of 298 km².

First, we look for prominent features in the picture: You see tram tracks, special patterns on the sidewalk, and a park on the other side of the street.

An image showing several cars on a street in Prague as seen by a camera.
Example 1a: This camera is located somewhere in Prague, Czech Republic. Prominent features in the picture are tram tracks, the sidewalk patterns, and the park on the other side of the street.

We can see passing trams if we wait for several minutes. As there are only seven cities in the Czech Republic operating trams, we can quickly verify that this stream is in Prague since the seven operators come with their own designs and colors for their trams.

By looking at the passing trams, we see that the tram lines passing this camera are lines 3 and 8. These lines limit the camera’s possible location to a 3 km long part of Sokolovská street in Karlín, Prague. There is only one location with a park on the other side of the street, shown in the following picture.

An image showing the satellite view of the camera's position.
Example 1b: The design and colors of passing trams point to Prague. The tram lines point to Sokolovská street in Karlín. The park on the other side of the street points to one remaining location. You can confirm the location by looking at the patterns of the sidewalk.

Using the “panorama” feature of mapy.cz reveals the camera’s physical location, as shown below:

An image showing the camera on the wall.
Example 1c: Using the 'panorama' feature of mapy.cz reveals the camera's physical location.

Locating this camera took about five minutes. Even worse, there are two additional IP cameras accessible via the same IP address but other ports. Another camera is on the front facade and one camera is in the building’s entrance hall, filming all residents and visitors of the building.

Example 2: Camera somewhere in the Czech Republic

Another camera is located somewhere in the Czech Republic, according to its IP address. The approximate location of the IP address is Prague again. However, looking at the camera’s stream, the small houses don’t look like anything in close proximity to Prague.

In the upper left corner, the stream shows “Zdirec n.D.” This label points to the city of “Ždírec nad Doubravou” in the Czech Republic. A prominent feature in the picture is a small park surrounded by apartment blocks.

An image showing the perspective of the camera.
Example 2a: Another camera is located somewhere in the Czech Republic according to its IP address. In the upper left corner, the stream shows 'Zdirec n.D.'. This label points to the city 'Ždírec nad Doubravou' in the Czech Republic.

Ždírec nad Doubravou is a town in the Vysočina Region that lies between Pardubice and Jihlava. It has a population of 3,120. The aerial map of the town reveals one possible location: a park in the northern part of the town.

An image showing the satellite image of the camera's location.
Example 2b: The aerial map of the town reveals one possible location: a park in the northern part of the town. The screenshot is rotated by 180°.

We switch to the “panorama” feature of mapy.cz to digitally stand in front of the house with the camera.

An image showing cars on the street in front of the camera's position.
Example 2c: We switch to the 'panorama' feature of mapy.cz to digitally stand in front of the house with the camera.

Locating this camera was easy again.

Attackers may be in full control

The two examples above show how attackers can quickly pinpoint the physical location of cameras. They can learn about the camera’s manufacturer, model, configuration, and much more.

Attackers may be able to:

  • Rotate your camera to look around.
  • Start audio recording for eavesdropping.
  • Connect to your WiFi by using the WiFi password disclosed by the camera.
  • Hack other devices within your WiFi network.
  • Disable recording altogether.
  • Format your storage cards to delete all recordings.
  • Delete log files to erase any traces.

Secure your camera

Consider the following to secure your cameras and similar IoT devices:

  1. Look for security support before buying a new camera (e.g., does the manufacturer provide security updates? Are there any negative reports regarding cyber security about this camera?).
  2. Change the default credentials of your camera, including usernames and passwords. Manuals may include the default credentials, allowing attackers to log in easily.
  3. Update your camera’s firmware frequently. Do not forget your device. It runs software like any other computer. Unpatched security vulnerabilities might be exploited to bypass strong credentials.
  4. Harden your device by enabling HTTPS and disabling unused or dangerous features like port forwarding and UPnP.
  5. Use WPA3-SAE to protect your wireless network traffic. If WPA3-SAE isn’t available, use WPA2-PSK-CCMP (sometimes called WPA2-AES).
  6. Shut down your camera if you don’t need it.
  7. Regularly check your camera’s log files for anomalies, such as configuration changes, failed login attempts, and restarts.
  8. Regularly recheck your camera’s settings.
  9. If you are tech-savvy and own appropriate hardware, set up a dedicated VLAN for your camera and configure strict firewall rules. If deployed correctly, this prevents attackers from attacking other devices.
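
The log check from step 7 can be automated. The following script is an added example, not part of the original article: it flags repeated failed logins, logins from outside the home network, configuration changes, and restarts. The log format, event names, `HOME_NET`, and the threshold are assumptions, and the sample lines are constructed.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample in an assumed "<time> <event> key=value ..." format.
# Real camera logs are vendor-specific; adapt the parser to yours.
SAMPLE_LOG = """\
2021-09-12T03:14:07 login_failed user=admin src=203.0.113.45
2021-09-12T03:14:09 login_failed user=admin src=203.0.113.45
2021-09-12T03:14:12 login_failed user=root src=203.0.113.45
2021-09-12T03:14:20 login_ok user=admin src=203.0.113.45
2021-09-12T03:15:02 config_changed user=admin key=upnp value=on
2021-09-12T03:15:40 reboot reason=user_request
2021-09-12T08:01:11 login_ok user=admin src=192.168.10.20
2021-09-12T08:02:00 motion_detected zone=1
"""
HOME_NET = ipaddress.ip_network("192.168.10.0/24")  # assumption: your camera VLAN
FAILED_LOGIN_THRESHOLD = 3                          # assumption: tune as needed
LINE = re.compile(r"^(?P<ts>\S+) (?P<event>\w+)(?P<rest>.*)$")


def parse(line):
    m = LINE.match(line.strip())
    if not m:
        return None  # skip lines that do not follow the assumed format
    fields = dict(kv.split("=", 1) for kv in m["rest"].split() if "=" in kv)
    return {"ts": m["ts"], "event": m["event"], **fields}


def find_anomalies(log_text):
    """Return (timestamp, finding, detail) tuples for the events worth a look."""
    findings, failed = [], Counter()
    for rec in filter(None, map(parse, log_text.splitlines())):
        ev, src = rec["event"], rec.get("src")
        if ev == "login_failed":
            failed[src] += 1
            if failed[src] == FAILED_LOGIN_THRESHOLD:  # report each source once
                findings.append((rec["ts"], "repeated_failed_logins", src))
        elif ev == "login_ok" and src and ipaddress.ip_address(src) not in HOME_NET:
            findings.append((rec["ts"], "login_from_outside_home_net", src))
        elif ev == "config_changed":
            change = f"{rec.get('key')}={rec.get('value')}"
            findings.append((rec["ts"], "config_change", change))
        elif ev == "reboot":
            findings.append((rec["ts"], "restart", rec.get("reason", "unknown")))
    return findings


if __name__ == "__main__":
    print(*find_anomalies(SAMPLE_LOG), sep="\n")
```

A successful login from outside the home network right after a burst of failures, followed by a setting such as UPnP being switched on, is the sequence to investigate first.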

Summary

Your IP camera is another computer running on your home network. Never assume that your camera is 100% secure and hidden from attackers. Carefully check its settings, harden its configuration, and monitor your device.

We republished this article in September 2021.
