Mike Olson has a post entitled “Beware, even things on Amazon come with embedded malware” over on artfulhacker.com about purchasing a few PoE IP Cameras off of Amazon, and how they came complete with malware embedded on them.
The “Internet Of Things” (IoT) offers a lot of opportunity for this to happen. The malware could be intentionally placed there by the manufacturer, where they fully intend to obtain information from the buyers that they use themselves, or sell to marketers or bad guys. Optionally, somewhere along the supply chain the components could be compromised and then pushed out to unwitting buyers.
Many of these products are made in South Korea, China, etc., so who’s to say a government wouldn’t be interested.
It’s not just cameras… IP phones, access controls, thermostats, intercoms, storage devices, media streamers, sensors, appliances, lighting and more are now connected and each one of those devices could either come pre-exploited, or become compromised at some point.
Buying quality products from trusted manufacturers and vendors is one way to reduce the threat, but even then, it’s always best to stay diligent.
Need IP cameras, IP phones or other products in the Upstate / Greenville SC area? Call us today at 864-990-4748 or use our handy contact form.