">
TechMoran
  • About Us
  • Deals
  • Jobs
  • Motoring
    • Money
  • Pitch Your Startup
  • Submit Your Post
  • Freelance Gigs
  • Travel
  • Men’s Corner
  • Dating
Saturday, January 23, 2021
  • Startups
  • Reviews
  • Insider
    • Obituaries
  • Business
  • Women
  • Blockchain
  • Columnists
  • Hacks & Facts
    • How To
  • Editions
    • US Edition
    • India Edition
    • MENA Edition
    • Asia Edition
    • Europe Edition
    • International Edition
No Result
View All Result
TechMoran
">
Home Business

CCTV cameras & smart kiosks are vulnerable to cyber attacks

Eric Vateta by Eric Vateta
4 years ago
in Business, Tech
8 min read
0

Smart societies have their merits and demerits which are essential for a country’s growth. In Nairobi, CCTV cameras were installed in every major road connecting the city with other areas. Besides cameras, gamers have erected entertainment stalls that use high speed internet and high-tech systems. But these platforms do not just add value, fade in a dramatic thrill.

According to security experts, speed cameras used in cities and their supporting infrastructure can be hacked and malicious users could easily access these cameras and manipulate the data collected.

To add on that, ticket terminals in movie theaters, bike rental terminals, service kiosks in government organisations, booking and information terminals at airports, and passenger infotainment terminals in city taxis might all have a different appearance, but inside most of them are the same.

Each such terminal is either a Windows-based or an Android-based device. The main difference in comparison to ordinary devices is the special kiosk-mode software that runs on public terminals and serves as the user interface. This software gives the user easy access to specific features of the terminal whilst at the same time restricting access to other features of the device’s operating system, including launching a web browser and then virtual keyboard. Accessing these functions provides an attacker with numerous opportunities to compromise the system, as if he was in front of a PC. The research showed that almost any digital public kiosk contains one or multiple security weaknesses which allow an attacker to access hidden features of the OS.

Reported case

In one particular case, user interface of a terminal contained a web-link. The attacker only needed to tap on it in order to launch the browser and then – through the standard Help dialogue – launch a virtual keyboard. In another case – at an e-government service kiosk – the scenario required the user to touch the “print” button. After that, for several seconds the usual browser’s print dialogue window would be opened and, if quick enough, the attacker would tap the “change” [printing parameters] button to enable him to jump into the Help section. From there, they could open the control panel and launch the on-screen keyboard. As a result, the attacker gets all of the devices needed to enter information (the virtual keyboard and the mouse pointer) and can use the computer for their own mercenary purposes, e.g., to launch malware, get information on printed files, obtain the device’s administrator password, etc. And these are only a few weaknesses discovered by experts.

READ  Asilia to Launch Black White Simple Platform to Help Just Anyone Set Up a Complex Portal in Minutes

“Some public terminals we’ve investigated were processing very important information, such as user’s personal data, including credit card numbers and verified contacts (for instance, mobile phone numbers). Many of these terminals are connected with each other and with other networks. For an attacker they may be a very good surface for very different types of attacks – from simple hooliganism, to sophisticated intrusion into the network of the terminal owner. Moreover, we believe that in the future public digital kiosks will become more integrated in other city smart infrastructure, as they are a convenient way to interact with multiple services. Before this happens, vendors need to make sure that it is impossible to compromise terminals through the weaknesses we’ve discovered,” said Denis Makrushin, security expert at Kaspersky Lab.

Related posts

Top 5 Skills That Modern Software Developers Need to Have

January 22, 2021
0

What Software Developers Need to Know About Burnout

January 22, 2021
0

54gene launches a genome sequencing lab to track infectious and non-communicable diseases prevalent in Nigeria

January 22, 2021
0

Google’s Project Loon, solar-powered internet balloons discontinued

January 22, 2021
0

Another part of the research was dedicated to cities speed control cameras. Using the Shodan search engine, researchers were able to identify multiple IP addresses belonging to such devices and openly accessible from the web: no passwords were in use and anyone would be able to see the footage from cameras and more. Researchers discovered that some tools used to control these cameras are also available to anyone on the web.

“In some cities, speed control camera systems track certain lines on the highway – a feature which could be easily turned off. So if an attacker needs to shut down the system at a certain location for a period of time, they would be able to do that. Considering that these cameras can be, and sometimes are, used for security and law enforcement purposes it is really easy to imagine how these vulnerabilities can assist in crimes like car theft and others. It is therefore really important to keep such networks protected at least from direct web access,” said Vladimir Dashchenko

READ  Job Marketplace IDWork wins South Africa Round of Seedstars World

 

Readers 1,619

Share

  • Click to share on Telegram (Opens in new window)
  • More
  • Click to share on Tumblr (Opens in new window)
  • Click to print (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)
  • Click to share on Pinterest (Opens in new window)
  • Click to share on Reddit (Opens in new window)
  • Click to share on Pocket (Opens in new window)

Like this:

Like Loading...

Related

Tags: cyber attacksINTERNET
Eric Vateta

Eric Vateta

Related Posts

Tech

Top 5 Skills That Modern Software Developers Need to Have

January 22, 2021
0
Tech

What Software Developers Need to Know About Burnout

January 22, 2021
0
Health

54gene launches a genome sequencing lab to track infectious and non-communicable diseases prevalent in Nigeria

January 22, 2021
0
Tech

Google’s Project Loon, solar-powered internet balloons discontinued

January 22, 2021
0
kplc
Tech

Kenya Power Rolls Out A Smart Metering Project Across The Country

January 21, 2021
0
Business

Customer Service Lessons From Leading Brands Including CarGuard’s Trevor Smith

January 21, 2021
0
123movies
Tech

4 Best Free Movie Streaming Sites In Kenya

January 21, 2021
0
Tech

Sophos Named Common Vulnerability and Exposure Numbering Authority 

January 20, 2021
0

https://bit.ly/2VOxuoBhttps://bit.ly/2VOxuoBhttps://bit.ly/2VOxuoB
ADVERTISEMENT

Join our Mailing List

Loading

Recent Posts

Top 5 Skills That Modern Software Developers Need to Have

January 22, 2021

Why Bernie Sanders Is A Trending Meme

January 22, 2021

What Software Developers Need to Know About Burnout

January 22, 2021

Which Tech Companies Are Employee Owned and Why?

January 22, 2021

Free money transfer service Taptap Send launches its services to Kenya

January 22, 2021
">
">

Follow Us

">

There are many sites out there focused on blowing off some steam, from funny entertainment to thrilling experiences like playing online, in some cases online gaming could grant you the chance to win extra money. We came across rocketpot.io while browsing for a good btc casino online and it left us a very good impression with their wide variety of games and crypto offering.

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

© 2019 Moran Media Group - All rights reserved TechMoran.

No Result
View All Result
  • Startups
  • Reviews
  • Insider
    • Obituaries
  • Business
  • Women
  • Blockchain
  • Columnists
  • Hacks & Facts
    • How To
  • Editions
    • US Edition
    • India Edition
    • MENA Edition
    • Asia Edition
    • Europe Edition
    • International Edition

© 2019 Moran Media Group - All rights reserved TechMoran.

Login to your account below

Forgotten Password? Sign Up

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.
%d bloggers like this: