skip to Main Content
Faith-Based Daily Awareness Post

Faith-Based Daily Awareness Post 2 August 2024

Faith-Based Security Headlines

These updates are shared to help raise the situational awareness of Faith-Based organizations to best defend against and mitigate the impacts from all-hazards threats including physical security, cybersecurity, and natural disasters.

Over 20,000 Ubiquiti Cameras and Routers are Vulnerable to Amplification Attacks and Privacy Risks

Check Point reports:

Check Point Research (CPR) assessed  the popular Ubiquiti G4 Instant Camera, a compact, wide-angle, WiFi-connected camera with two-way audio, along with the accompanying Cloud Key+ device that supports the application.

Key Highlights

  • CPR conducted an attack surface assessment, discovering two custom privileged processes were exposed on the camera’s network interface: Ports 10001 and 7004, both using UDP protocol
  • As a result of the port vulnerabilities, over 20,000 Ubquiti devices were identified as exposed on the Internet, revealing informational data including their platform names, software version, configured IP addresses and more
  • The exposed data could be used for technical and social engineering attacks

Check Point recommends the following:

Here are some things camera owners can do to avoid being infected:

    • Make sure your camera is using the latest firmware version and install a patch if available.
    • Patching your camera, router, and other IoT devices needs to become part of your regular cyber hygiene routine.
    • More and more IoT vendors enable automatic updates by default. Make sure that this automatic update feature is enabled. Ask the seller/vendor before buying an IoT device if it offers automatic updates.
    • If possible, do not expose your IoT devices, such as cameras, directly to the internet. If you do, ensure you’re not revealing more information about yourself than necessary (like names, addresses, and other personally identifiable information).

Analyst Comments:

Security cameras can be a key part of a Faith-Based Organization’s (FBO) robust security posture. As with any Internet of Things (IoT)* item, security cameras must be safeguarded. In addition to the Check Point recommendations above, always change the default password on newly purchased equipment.

*IBM defines Internet of Things (IoT) as:

The Internet of Things (IoT) refers to a network of physical devices, vehicles, appliances, and other physical objects that are embedded with sensors, software, and network connectivity, allowing them to collect and share data.

 

More Security-focused Content

Attacks on Houses of Worship in 2023
Read the March 2024 Threat Level Statement Update
Access all-hazards resources from public and private sector partners, curated by the FB-ISAO team.

The FB-ISAO’s sponsor Gate 15 publishes a free daily newsletter called the SUN. Curated from their open source intelligence collection process, the SUN informs leaders and analysts with the critical news of the day and provides a holistic look at the current global, all-hazards threat environment. Ahead of the daily news cycle, the SUN allows current situational awareness into the topics that will impact your organization. To sign-up for the SUN, send an email to [email protected]

Learn More About Gate 15’s Enhanced Intel Solutions

Back To Top
Show Buttons
Hide Buttons