On March 7, a CCTV leak occurred at a plastic surgery clinic in Gangnam, South Korea. The leaked video was posted on an Internet community, with about 31 videos showing 30 female victims. As some celebrities are among the victims, the case has become more of an issue.
This case is called the ‘Gangnam Plastic Surgery CCTV Leak’ or ‘Plastic Surgery CCTV Hacking’. However, the actual leaked video was filmed with IP cameras, not CCTVs (Closed Circuit Television).
As CCTVs are not connected to the external Internet, only people who own camera equipment can watch the filmed footage. However, as IP cameras are IoT devices connected to the Internet, they are vulnerable to hacking and leakage.
Is It Caused by Vulnerable Chinese IP Cameras?
The IP cameras that were illuminated in the Gangnam Plastic Surgery CCTV Leak case are known to be a product of company “H” in China. Various media outlets are reporting that the use of Chinese IP cameras, which are vulnerable to security, is the cause of the hacking.
Some IP camera products with weak security have hacking methods and tools posted on overseas hacker communities, making them easier to hack.
However, regardless of them being from a Chinese company, IP cameras can be exposed to the Internet for various reasons due to their nature. Overall, there are more IP cameras around the world exposed to the Internet than expected.
Potential Targets, Over 400,000 IP Camera Servers Exposed to the Internet
Criminal IP, an OSINT search engine, allows users to search IoT devices through IP address information with the Asset Search function. This can be done by using the tag filter to search for IP cameras exposed on the Internet.
Search Query : Tag: IP Camera
Search results show that there are more than 400,000 IP camera servers that are exposed to the Internet and are vulnerable.
What’s worse is that some servers have CVE vulnerabilities while some have been detected with the leakage of credentials such as authentication information that can be abused for hacking. Upon accessing the server, there are some cases in which the raw IP camera footage is shown.
Country Statistics of IP Camera Exposed to the Internet, U.S. Ranking 2nd
Criminal IP’s Element Analysis function shows the national statistics of exposed IP camera servers.
China has the most exposed IP cameras, with the U.S. ranking 2nd with over 50,000 exposed servers.
China, which has become an issue due to the Gangnam Plastic Surgery CCTV Leak, is overwhelmingly in 1st place, with about 130,000 exposed IP camera servers.
When searching only China’s IP camera servers with tag: IP Camera country: CN, most servers are seen to be in a weak state and classified as Critical.
Search Query : Tag: IP Camera country: CN
Precautions When Using IP Cameras
IP cameras are widely used as a popular IoT product because they are easier to install and use than CCTVs.
However, like this Gangnam Plastic Surgery CCTV Leak case, it is also true that they can be hacked by a hacker or a curious individual to cause serious damage such as leaking videos or remote control.
Therefore, when using IP cameras, it is recommended to prepare for hacking attacks as much as possible by referring to the hacking prevention checklist below.
- Use products that are proven to be secure
- Set up login authentication on your device and set a complex password. Also, periodically change your password
- Always update your software to the latest version
- Use OSINT search engines such as Criminal IP to check the safety of IP addresses and IoT products in use
Please refer to our article on kiosk administrator servers exposed to the Internet for a relevant case study.
Data Source: Criminal IP (https://www.criminalip.io)