Happy friday hope you're looking forward to the long weekend.
You wouldn't be alone as cybercriminals position themselves to take advantage of long weekends and holidays to strike. In this case, they may take advantage of a long-known vulnerability that allows remote access to China-owned camera manufacturer, Hikvision.
Their website calls Hikvision "The world's largest video surveillance manufacturer" and we see their equipment installed frequently at local businesses. If you have one installed at your facility or have seen it at somewhere you know, be sure it has been patched.
Last Fall, a command injection flaw in Hikvision cameras was revealed to the world as CVE-2021-36260. The exploit was given a “critical” 9.8 out of 10 rating by NIST.
Hikvision – short for Hangzhou Hikvision Digital Technology – is a Chinese state-owned manufacturer of video surveillance equipment. Their customers span over 100 countries (including the United States, despite the FCC labeling Hikvision “an unacceptable risk to U.S. national security” in 2019).
IoT (internet of things) devices such as these have a problem keeping up-to-date. It's a problem endemic to the industry, not just Hikvision. They aren’t always as easy or straightforward to secure as an app on your phone as updates are usually not automatic. Those who manage the equipment need to manually download and install them and many might not know there is a problem. Now you know.
Here is a link to Hikvision's Firmware Update page: https://us.hikvision.com/en/support-resources/cybersecurity-center/updating-firmware
Highly recommend making sure your camera system is up-to-date before heading off for the long weekend.
Stay safe out there -A